Penetration Tester United Kingdom

Bugcrowd is a security platform that empowers organizations to protect themselves against threat actors by uniting the collective expertise of elite hackers, supported by data and AI‑powered technology.

Bugcrowd is looking for a motivated Associate Penetration Tester to join our existing security specialists team. This foundational position focuses on developing core offensive security skills under the guidance of senior team members.

• Conduct Structured Testing to Identify Security Vulnerabilities:
  • Demonstrate a functional understanding of modern attack vectors and penetration testing software to identify vulnerabilities in web applications, APIs, and network infrastructure.
  • Consistently complete assigned penetration tests within allocated time frames and in accordance with our methodologies.
• Actively engage in keeping up to date with fundamental security concepts and core testing tools, applying newly acquired knowledge under instruction and supervision.
• Problem Identification & Escalation:
  • Promptly identify and communicate technical blockers or concerns to mentors or Technical Pentest Managers as needed, actively seeking clarification and guidance.
• Team Support & Documentation:
  • Assist in test retrospectives, documentation of processes, and provide support to senior team members as directed.
• Working Hours:
  • Execute testing within UK core business hours (09:00 – 17:30 GMT). Some tests may fall outside these hours, but the majority require completion during this timeframe.

• Experience: At least 6 months as a penetration tester (or equivalent demonstrable experience) with foundational knowledge of wider cybersecurity concepts.
• Technical
  
  Skills:
  
  Familiarity with common security testing tools (e.g., Burp Suite, Nmap) and approach to penetration testing activities.
• Soft Skills:
  • Strong desire to learn, effective communication with peers and mentors, and the ability to follow instructions.
  • Strong written and spoken business English (C1+ or native fluency).
• Certifications: CEH, OSCP(+), CPSA, and other relevant credentials are a plus.

• The role is remote and requires 100% work‑from‑home participation.
• Must be able to sit or stand for 50 % of the time and carry a laptop throughout the workday.
• Ability to meet all physical requirements of the job with or without reasonable accommodation.

This position requires access to highly confidential, sensitive information about Bugcrowd’s technologies. Candidates must maintain the utmost integrity and confidentiality.

Bugcrowd is authorized to conduct background checks for employment purposes. The checks may include social security verification, prior employment verification, references, educational verification, and criminal history. Applicants with convictions are not excluded to the extent required by law.

Bugcrowd is an equal opportunity employer and does not discriminate based on race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.

Bugcrowd is committed to full inclusion of all qualified individuals and will provide reasonable accommodations for disabilities. If accommodations are required, please contact HR at .

Bugcrowd accepts resumes in the following file types: pdf, doc, docx, txt, rtf.