Job profile

Penetration tester

Penetration testers are security experts who simulate cyberattacks to identify and report vulnerabilities in computer systems, networks, infrastructure and websites.

As a penetration tester, you'll perform authorised tests on computer systems for organisations, using methods similar to those of a real cyberattack, to expose weaknesses in security that could be exploited by criminals. The work itself can be carried out onsite or remotely.

As well as identifying flaws, you'll also be advising companies and clients on how to minimise risks. Penetration testers are sometimes known as 'pen testers' or 'ethical hackers'. You can choose to specialise in a particular type of system, such as:

  • networks and infrastructures
  • Windows, Linux, and Mac operating systems
  • embedded computer systems, which are designed for specific tasks and sit within larger systems, such as CCTV
  • web and mobile applications
  • cloud environments, where data and services are hosted on a third party's infrastructure rather than on hardware the organisation owns
  • application programming interfaces (API)
  • supervisory control and data acquisition (SCADA) control systems, which are used to monitor and control industrial processes
  • Internet of Things (IoT), such as smart sensors in cars or smart lighting in the home.

You may work in-house for large companies where system security is a crucial function. However, more commonly, you'll be part of a security consultancy or risk management organisation, where you'll work with external clients testing vulnerabilities. It's also possible to work on a freelance basis by securing contracts from organisations.

What does a penetration tester do?

As a penetration tester, you'll need to:

  • plan and carry out testing, onsite or remotely, of a client's network, computer systems, or web and mobile applications, checking their infrastructure to expose any security weaknesses
  • work with clients to determine their requirements from the test, such as the number and type of systems they would like testing
  • simulate attacks to assess how well a system withstands them
  • create and implement new penetration testing methods, scripts, and tools
  • check for gaps in security that could arise from human error, including weak password policies or excessive login permissions
  • create reports and recommendations from your findings, including any security issues uncovered and the level of risk, as well as giving advice
  • present your findings, risks, and conclusions to management and other relevant parties
  • understand how the flaws you identify could affect a business or business function if not fixed
  • carry out training for users to minimise future security risks.
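The first two duties above, agreeing with the client exactly which systems may be tested and then testing only those, are what make the work authorised rather than criminal. The script below is an added example, not part of this profile or of any tester's toolkit: it reads a written scope (the directive format is invented for illustration) and partitions a candidate target list into in-scope and rejected hosts before any scanning begins. Explicit exclusions always override inclusions, and anything that is not an IP literal is treated as a hostname.

```python
"""Check candidate targets against a client-agreed scope before testing starts.

Added illustrative example. The scope-file directives (include/exclude/host)
are an invented format, not a standard one.
"""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Scope:
    included: list = field(default_factory=list)   # ip_network objects
    excluded: list = field(default_factory=list)   # ip_network objects
    hosts: set = field(default_factory=set)        # exact hostnames, lowercased
    wildcards: set = field(default_factory=set)    # "*.example.test" stored as "example.test"

    @classmethod
    def parse(cls, text):
        scope = cls()
        for raw in text.splitlines():
            line = raw.split("#", 1)[0].strip()   # strip comments and blanks
            if not line:
                continue
            keyword, _, value = line.partition(" ")
            value = value.strip().lower()
            if keyword == "include":
                scope.included.append(ipaddress.ip_network(value, strict=False))
            elif keyword == "exclude":
                scope.excluded.append(ipaddress.ip_network(value, strict=False))
            elif keyword == "host":
                if value.startswith("*."):
                    scope.wildcards.add(value[2:])
                else:
                    scope.hosts.add(value)
            else:
                raise ValueError(f"unknown scope directive: {raw!r}")
        return scope

    def allows(self, target):
        target = target.strip().lower()
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            # Not an IP literal (v4 or v6): treat it as a hostname.
            if target in self.hosts:
                return True
            return any(target.endswith("." + suffix) for suffix in self.wildcards)
        if any(addr in net for net in self.excluded):
            return False   # an explicit exclusion always wins
        return any(addr in net for net in self.included)


def partition_targets(scope_text, targets):
    """Return (allowed, rejected) lists, preserving the input order."""
    scope = Scope.parse(scope_text)
    allowed, rejected = [], []
    for target in targets:
        (allowed if scope.allows(target) else rejected).append(target)
    return allowed, rejected


# Constructed sample scope and target list for the example run.
SAMPLE_SCOPE = """\
# Scope agreed with the client in writing (constructed example)
include 10.10.0.0/24
exclude 10.10.0.5/32      # production database: not to be touched
include 192.0.2.0/28
host portal.example.test
host *.staging.example.test
"""

SAMPLE_TARGETS = [
    "10.10.0.7", "10.10.0.5", "192.0.2.20", "192.0.2.3",
    "portal.example.test", "api.staging.example.test", "mail.example.test",
]

if __name__ == "__main__":
    ok, bad = partition_targets(SAMPLE_SCOPE, SAMPLE_TARGETS)
    print("in scope:", ok)
    print("rejected:", bad)
```

One caveat a practitioner would add: a hostname that is in scope may resolve to an address that is not, so in practice you resolve each name and check the resulting addresses against the same scope before sending any traffic.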

How much does a penetration tester earn?

  • Starting salaries for penetration testers in the UK typically fall between £24,000 and £41,000.
  • Experienced penetration testers can earn an average of between £54,000 and £56,000.
  • Salaries for senior and team leader roles average £86,000, based on your professional qualifications and experience. However, this figure can be higher still, depending on the industry you work in.

You'll usually receive a range of employee benefits, such as:

  • bonuses
  • company pension scheme
  • gym membership
  • private medical insurance
  • sponsored training and development opportunities.

If you're working as a freelancer, day rates for pen testers can range from £500 to £1,500 per day, with rates depending on the extent and scope of the work.

Income figures are intended as a guide only.

How many hours does a penetration tester work?

You'll typically work a 37 to 40 hour week. However, flexible schedules are common, and you may need to work outside your usual 9am to 5pm pattern. You'll usually be office-based or work remotely from home, but you'll also travel to meet clients. There may even be opportunities to work overseas.

Part-time and hybrid working are possible, as is short-term and freelance work. With several years of experience, you can move into self-employed or consultancy work.

How do I become a penetration tester?

To enter the industry, you'll usually need a relevant degree, in-depth knowledge of computer operating systems and networks, and experience in a role related to information security.

Useful degree subjects include:

  • computer science
  • computing and information systems
  • computer systems engineering
  • cyber security
  • forensic computing
  • network management.

It's unlikely you'll go straight from graduation into a penetration tester role; you will usually need some industry experience. Certain large organisations, however, offer cyber security graduate schemes, which include pen testing.

It's possible to get in with an unrelated degree as long as you have a strong foundation in computer systems. If your degree is in an unrelated subject, studying for an information security related postgraduate qualification could be helpful. Search for postgraduate courses in cyber security.

You could opt to take a Level 6 Cyber Security Technical Professional (Integrated Degree) apprenticeship, combining work with part-time study. The Civil Service also offers a Government Security Cyber Degree Apprenticeship (Level 6), which trains you to become a specialist helping the Government protect the UK.

You'll often be expected to hold one or more professional penetration testing qualifications (trainee and graduate roles will usually include training and certification in these as part of the role). These include:

  • CREST - Registered Penetration Tester (CRT)
  • EC-Council - Certified Ethical Hacker (CEH)
  • OffSec - OffSec Certified Professional (OSCP).

Look at penetration tester job adverts to get a feel for which certifications employers are looking for. It's also possible to secure a position without a degree if you have significant experience in information security and hold industry certifications.

You may need to undertake security clearance checks when applying for jobs.

Key skills for a penetration tester

You'll need to have:

  • an in-depth understanding of computer systems and their operation and commitment to continuously updating your technical knowledge base
  • excellent spoken and written communication to explain your methods to a technical and non-technical audience, which may also include teaching others and sharing techniques
  • a sharp eye for detail, which is vital to be able to plan and execute tests while considering client requirements
  • the ability to think creatively, laterally, and strategically to penetrate security systems
  • ethical integrity to be trusted with a high level of confidential information
  • exceptional analytical and problem-solving skills and the persistence to apply different techniques to different scenarios
  • business skills to understand the implications of any weaknesses you find.

You will also need scripting and programming skills, typically in Python and PowerShell.

Where can I get penetration tester work experience?

There are a growing number of cyber security-related work experience schemes and activities available.

You can practise and develop your penetration testing skills in various ways online. For example, Cyber Games UK runs a series of interactive tests and learning programmes designed to support and enhance cyber talents. They are run by The Cyber Trust, which educates and trains on digital safety.

Another way of developing your skills is through Hack The Box, an online platform where you can improve your 'hacking' know-how through gamification. One such activity is capture the flag (CTF), where teams or individuals must attack or defend systems to 'capture' a file or string of text (the 'flag'). This type of exercise gives you the chance to hone your cyber security skills while also developing a network of contacts.

You can also follow security experts on X, set up a LinkedIn profile, join online security groups, attend industry conferences and events, and read cyber security publications, websites, and blogs.

You may also consider broader experience in IT development and programming, as these fields provide essential foundations of knowledge for penetration testers. Internships and sandwich-placement opportunities are available and can be found on large job sites or by speculatively contacting employers.

Find out more about the different kinds of work experience and internships that are available.

Who employs penetration testers?

There are opportunities to work as a penetration tester across the public and private sector on an employed or freelance (or contract) basis.

You'll often work for consultancy firms who employ testers to work on client contracts. Positions are available at national and multinational companies, as well as via small and medium-sized businesses.

Typical employers include:

  • banks and financial services providers
  • cloud services
  • hospitals and other healthcare organisations
  • local and national government
  • media tech companies
  • retail companies
  • utilities and energy companies.

Look for job vacancies on professional networking sites such as LinkedIn.

Specialist recruitment agencies such as Cybershark Recruitment and Barclay Simpson also advertise opportunities.

You can find work by targeting speculative applications directly to companies. This can be an especially successful approach if you're looking for a position within small and medium-sized organisations who may be more likely to take on less experienced penetration testers.

The National Cyber Security Centre has a list of verified suppliers who can conduct authorised penetration tests of public sector and Critical National Infrastructure (CNI) systems and networks, which you could use to contact companies speculatively. CREST Marketplace also has a searchable database of accredited member companies providing penetration testing.

There is a known gender bias within the tech and IT industry in the UK. However, companies like We Are Tech Women are working to address this imbalance.

What does learning and development look like for penetration testers?

Your first role will typically be in a junior systems administration, IT development, or IT support role. With experience and relevant professional qualifications, you can move into the role of penetration tester.

After around three to five years, you can progress into a team leader position. Then, with a further two to three years of experience, you'll be a specialist practitioner and will be able to apply for larger-scale project leader and management roles.

With further experience, you can move into consultancy work or set up as a self-employed penetration tester. Career prospects are good at all levels for people with the right combination of IT-centric skills, qualifications, and experience.

Continuing professional development (CPD) forms a vital part of your career, as you'll be expected to stay ahead of new hacking methods while keeping your skills and knowledge up-to-date. You'll need to stay on top of current technologies and how they may be exploited by criminals.

There are some graduate schemes in cyber security, which usually provide a structured development programme, as well as mentoring and the opportunity to undertake placements in various departments.

It's common to undertake industry-specific qualifications to demonstrate your understanding, knowledge, and experience. Several organisations offer industry qualifications with varying levels of accreditation, from entry-level through to managerial. For senior-level roles, it's often a prerequisite to hold one or more advanced certifications, such as those offered by CREST.

The CHECK scheme allows companies approved by the National Cyber Security Centre (NCSC) to provide qualified penetration testers to work on IT systems for the government and other public sector bodies. To qualify as a CHECK team member (CTM) or team leader (CTL), you'll need to pass an NCSC-accredited CREST or Cyber Scheme examination.