Penetration Tester

• Conduct Structured Testing to Identify Security Vulnerabilities:
  • Demonstrating a functional understanding of modern attack vectors and penetration testing software as well as being technically capable of using them in the identification of security vulnerabilities in Web applications, APIs and network infrastructure.
  • Consistently complete assigned penetration tests within allocated timeframes, and in accordance with our methodologies.
• Continuous Learning:
  • Actively engage in keeping up-to-date with fundamental security concepts and core testing tools, applying newly acquired knowledge under instruction and supervision.
• Problem Identification & Escalation:
  • Promptly identify and effectively communicate technical blockers or concerns to mentors or Technical Pentest Managers (TPMs) as needed, actively seeking clarification and guidance to avoid missteps.
• Team Support & Documentation:
  • Assist in test retrospectives, documentation of processes, and provide support to more senior team members as directed by the team lead or manager.
• Working Hours:
  • Be able to execute testing within UK core business hours (09:00 - 17:30 GMT). Some tests may fall outside of these hours, but the majority of tests will need to be completed within this timeframe.

• Experience: 6+ months as a penetration tester (or equivalent demonstrable experience) with a foundational understanding of wider cybersecurity concepts and best practices.
• Technical Skills:Familiarity with commonly used security testing tools (e.g. BurpSuite, Nmap) and approach to penetration testing activities.
• Soft Skills:
  • Strong desire to learn, good communication skills for peer and mentor interactions, and the ability to follow instructions.
  • Strong written and spoken business English (C1+ or native fluency).
• Certifications:Certifications such as CEH (Certified Ethical Hacker), OSCP(+) (Offensive Security Certified Professional), CPSA (CREST Practitioner Security Analyst), etc. are considered a plus.

• The ideal candidate must be able to complete all physical requirements of the job with or without reasonable accommodation.
• Sitting and / or standing - Must be able to remain in a stationary position 50% of the time
• Carrying and / or lifting - Must be able to carry / move laptop as needed throughout the work day.
• Environment - remote, work-from-home 100% of the time.

• At Bugcrowd, we understand that diversity in the workplace is vital to a company’s success and growth. We strive to make sure that people are included and have a sense of being part of making Bugcrowd not only a great product but a great place to work.
• We regularly hear from both customers and researchers that Bugcrowd feels like a family, and we strive to maintain that internally as well.
• Our team consists of a broad range of people: musicians, adventure sports junkies, nature lovers, parents, cereal enthusiasts, night owls, cyclists, artists—you get the point.

At Bugcrowd, we are solving security threats and vulnerabilities that are relevant to everyone, therefore we believe solving these problems takes all kinds of backgrounds. We value the perspectives and experiences people from underrepresented backgrounds bring.

This position has access to highly confidential, sensitive information relating to the technologies of Bugcrowd. It is essential that the applicant possess the requisite integrity to maintain the information in the strictest confidence.

The company is authorized to obtain background checks for employment purposes under state and federal law. Background checks will be conducted for positions that involve access to confidential or proprietary information (including trade secrets).

Background checks may include Social Security verification, prior employment verification, personal and professional references, educational verification, and criminal history. Applicants with conviction histories will not be excluded from consideration to the extent required by law.

Any personal data you submit in connection with your application will be processed in compliance with Bugcrowd's Privacy Policy, which you may review here: https://www.bugcrowd.com/privacy.

Bugcrowd is EOE, Disability/Age Employer. 

Individuals seeking employment at Bugcrowd are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. 

Bugcrowd is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Bugcrowd will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact HR at ADA at bugcrowd.com.

Apply at: https://www.bugcrowd.com/about/careers/