Senior Penetration Tester

As a result of growth, we are looking for an experienced Senior Penetration Tester with solid experience of infrastructure and web application testing to deliver testing engagements on a range of key client work.

This is an excellent opportunity for a highly motivated and determined Penetration Tester to continue their development and work on a range of exciting projects. As well as delivering testing, Bridewell ensures each consultant has access to a dedicated annual team budget for personal development, which includes the CREST and Cyber Scheme exams, online platforms such as Hack the Box, TSCM and TryHackMe, and many other training courses. There is also dedicated time to carry out research and assist with developing new testing methodologies and techniques.

• Deliver and lead high quality offensive security assessments (web application, API and infrastructure), meeting client expectations.
• Get involved in and lead on team assessments as required.
• Produce written and verbal reports to clients to an excellent standard.
• Support the sales team with pre sales and assist with technical input into tenders and proposals.
• Carry out research and service development when not on client deliverable work that can be used to enhance our services to clients.
• Perform report QA.
• Work with teams across the business, providing the latest technical knowledge to collaborate on interesting client projects.

• Strong experience in a client facing role, customer oriented, and able to communicate with all levels of an organisation with appropriate technical content.
• Highly proficient in performing a variety of penetration tests such as infrastructure, web application, API testing and device configuration reviews, etc.
• CREST Certified Tester (CCT) or Cyber Scheme Team Leader (CSTM) with infrastructure specialism - mandatory.
• NCSC CHECK Team Leader (CTL) with at least Principal Cyber Security Professional (PriCSP) title - mandatory.
• Self motivated and able to work independently and as part of a larger team.
• Produce high quality technical and executive reports tailored to both technical and non technical audiences.
• Holds or is able to obtain a minimum of SC clearance.

• OSCP, OSCE, CRTO.
• Knowledge of cloud security (AWS, Azure, GCP).
• Experience in LLM/AI testing.
• Experience in Adversary Simulation / Red Teaming.
• Proficiency in coding or scripting (Python, Powershell, Bash).

Bridewell operates a hybrid and flexible working policy, however you will be required to travel to different sites on occasion.

• Competitive Salary
• 25 Days Holiday - plus buy and sell options
• Flexible Working (around core office hours)
• Company Pension
• Employee Shareholder Scheme
• Dedicated Training Budget
• Life Assurance
• Cycle to Work Scheme
• Electric Vehicle Scheme
• Private Healthcare (incl. Gym discounts)
• Vision Care
• Birthday off (After 1 year)

Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.