Skip to main content

What do you think of this service? Your feedback will help us to improve it.

Security Testing

Role overview

Security Testing (formerly known as Pen testing or Penetration testing) provides Cyber Security assurance by attempting to penetrate existing defences, to feed back on potential vulnerabilities (whether in a system, an application or across the entire IT estate) and co-ordinate the production of a remediation action plan.

Role level

Skills

Skill Associate Lead Principal
Penetration testing Working Practitioner Expert
Information risk assessment and risk management Working Practitioner Expert
Protective security Awareness Working Practitioner
Threat Understanding Awareness Working Practitioner

Core learning

Entry level  

CREST Practitioner Security Analyst

Foundation Certificate in cyber security

CompTIA IT Fundamentals

Associate level  

CompTIA Cybersecurity Analyst (CySA+)

SEC560: Network Penetration Testing and Ethical Hacking

SEC660: Advanced Penetration Testing, Exploit Writing and Ethical Hacking

Lead level  

(ISC)2 Certified Information Systems Security Professional Training (CISSP) incl Exam

Advanced Infrastructure Hacking

ISTQB Advanced Security Testing

Principal Level

CompTIA Advanced Security Practitioner (CASP+)

SEC699: Purple Team Tactics – Adversary Emulation for Breach Prevention & Detection

ISTQB Advanced Security Testing

Accreditation

UK Cyber Security Council: Standard of Professional Competence and Commitment: Security Testing

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now