Security (Penetration) Testing Principal

Role summary

Security Testing provides Cyber Security assurance by attempting to penetrate existing defences, feeding back on potential vulnerabilities (whether in a system, an application or across the entire IT estate) and co-ordinating the production of a remediation action plan.

Role expectations

  • Lead large-scale, cross-functional or highly complex penetration tests, red team exercises, vulnerability assessments of IT assets, and other tests to assess the robustness of a system, product or technology
  • Disseminate the implications of test findings, and explain the potential business impact if vulnerabilities are exploited, to senior-level leadership across government
  • Lead engagement with senior internal and external stakeholders to manage and provide appropriate Cyber Security assurance to the required standard and in accordance with policy and regulations
  • Advise on complex issues and mitigation options to appropriate stakeholders or governance forums, acting as an SME across government, the public sector, and industry
  • Be the key decision maker on reports, overseeing the remediation of vulnerabilities post-penetration testing

Accreditation level

Chartered

UK Cyber Security Council – Standard of Professional Competence and Commitment: Security Testing

Learning pathway

CREST Certified Simulated Attack Specialist
