Security (Penetration) Testing Associate

Role summary

Security Testing provides Cyber Security assurance by attempting to penetrate existing defences, in order to feed back on potential vulnerabilities (whether in a system, an application or across the entire IT estate) and co-ordinate the production of a remediation action plan.

Role expectations

Typically, at this role level you may perform the following responsibilities.

  • Support the scoping, conducting and procurement of penetration tests, red team exercises, vulnerability assessments of IT assets, and other tests to assess the robustness of a system, product or technology
  • Disseminate the implications of test findings, relaying the potential business impact if vulnerabilities are exploited
  • Engage with internal and external stakeholders to provide appropriate Cyber Security assurance in accordance with policy and regulations
  • Report potential issues and mitigation options to appropriate stakeholders or governance forums
  • Contribute to the review and interpretation of reports and contribute to remediation action plan production

Entry route and progression

Learning pathway

Entry level

  • CREST Practitioner Security Analyst
  • Foundation Certificate in cyber security

Associate

  • Tiger Scheme Qualified Security Core Team Member (QSTM)
  • CompTIA Cybersecurity Analyst (CySA+)
  • CREST Registered Penetration Tester
  • SEC560: Network Penetration Testing and Ethical Hacking
  • GIAC Certified Penetration Tester (GPEN)

 
