[Hiring] Penetration Tester @Bugcrowd

Role Description

We are seeking a motivated and driven Associate Penetration Tester to join our team of existing security specialists. This role is a foundational position, focused on developing core skills in offensive security testing under the guidance of more senior team members.

As an Associate Penetration Tester, you will be responsible for working through existing methodologies and applying them against assigned targets to identify security vulnerabilities. This will support the team's overall mission of helping improve our client’s infrastructure and codebase by raising high quality (and often high impact) security concerns as evidenced by your capability to exploit.

This is an excellent opportunity for an individual with a strong passion for cybersecurity to learn and grow within an elite offensive security team.

Primary Role Responsibilities

• Conduct Structured Testing to Identify Security Vulnerabilities:
  • Demonstrating a functional understanding of modern attack vectors and penetration testing software.
  • Technically capable of using them in the identification of security vulnerabilities in Web applications, APIs, and network infrastructure.
  • Consistently complete assigned penetration tests within allocated timeframes, and in accordance with our methodologies.
• Continuous Learning:
  • Actively engage in keeping up-to-date with fundamental security concepts and core testing tools.
  • Apply newly acquired knowledge under instruction and supervision.
• Problem Identification & Escalation:
  • Promptly identify and effectively communicate technical blockers or concerns to mentors or Technical Pentest Managers (TPMs).
  • Actively seek clarification and guidance to avoid missteps.
• Team Support & Documentation:
  • Assist in test retrospectives, documentation of processes, and provide support to more senior team members as directed by the team lead or manager.
• Working Hours:
  • Be able to execute testing within UK core business hours (09:00 - 17:30 GMT).
  • Some tests may fall outside of these hours, but the majority of tests will need to be completed within this timeframe.

Qualifications

• 6+ months as a penetration tester (or equivalent demonstrable experience) with a foundational understanding of wider cybersecurity concepts and best practices.
• Familiarity with commonly used security testing tools (e.g. BurpSuite, Nmap) and approach to penetration testing activities.
• Strong desire to learn, good communication skills for peer and mentor interactions, and the ability to follow instructions.
• Strong written and spoken business English (C1+ or native fluency).
• Certifications such as CEH (Certified Ethical Hacker), OSCP(+) (Offensive Security Certified Professional), CPSA (CREST Practitioner Security Analyst), etc. are considered a plus.

Working Conditions and Physical Requirements

• The ideal candidate must be able to complete all physical requirements of the job with or without reasonable accommodation.
• Sitting and/or standing - Must be able to remain in a stationary position 50% of the time.
• Carrying and/or lifting - Must be able to carry/move laptop as needed throughout the work day.
• Environment - remote, work-from-home 100% of the time.

Culture

At Bugcrowd, we understand that diversity in the workplace is vital to a company’s success and growth. We strive to make sure that people are included and have a sense of being part of making Bugcrowd not only a great product but a great place to work.

We regularly hear from both customers and researchers that Bugcrowd feels like a family, and we strive to maintain that internally as well.

Our team consists of a broad range of people: musicians, adventure sports junkies, nature lovers, parents, cereal enthusiasts, night owls, cyclists, artists—you get the point.

At Bugcrowd, we are solving security threats and vulnerabilities that are relevant to everyone, therefore we believe solving these problems takes all kinds of backgrounds. We value the perspectives and experiences people from underrepresented backgrounds bring.

Disclaimer

This position has access to highly confidential, sensitive information relating to the technologies of Bugcrowd. It is essential that the applicant possess the requisite integrity to maintain the information in the strictest confidence.

The company is authorized to obtain background checks for employment purposes under state and federal law. Background checks will be conducted for positions that involve access to confidential or proprietary information (including trade secrets).

Background checks may include Social Security verification, prior employment verification, personal and professional references, educational verification, and criminal history. Applicants with conviction histories will not be excluded from consideration to the extent required by law.

Any personal data you submit in connection with your application will be processed in compliance with Bugcrowd's Privacy Policy, which you may review here: https://www.bugcrowd.com/privacy .

Equal Employment Opportunity

Bugcrowd is EOE, Disability/Age Employer. Individuals seeking employment at Bugcrowd are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.

Bugcrowd is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Bugcrowd will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact HR at ADA at bugcrowd.com.

Apply at: https://www.bugcrowd.com/about/careers/