- A penetration tester will test the existing cybersecurity of a business and identify any holes that could be exploited by hackers
- Otherwise known as ethical hacking, a penetration tester will mimic the work of a potential hacker
- Graduate penetration testers can earn between £20,000 to £30,000
What Does a Penetration Tester Do?
A penetration tester, also known as an “ethical hacker” is hired by companies to test their internal systems in order to seek out any existing weaknesses or vulnerabilities. They fall under the cybersecurity sector and essentially mimic the work of a hacker in order to highlight to a company how they might be better protecting their data.
Penetration testers simulate cyberattacks and security breaches in order to sense flaws in existing systems. Their goal is to try and beat the system in order to access sensitive and private company and customer data. The theory is, if a penetration tester can do this, so can a hacker.
What Qualifications Do You Need to Become a Penetration Testing Specialist?
In order to become a penetration testing specialist, there is not one specific career path. That being said, a degree in Computer Science, Computer Information Systems or something similar will help lay the foundation for a penetration testing career. These offer a broad perspective on app development, software design, programming and system operation, depending on the degree. For many in this field, they begin their career in a more general area of IT and tech, eventually specialising in penetration testing.
There are specific penetration-testing programmes which could also help you kickstart your career. The Certified Ethical Hacker Certification (CEH) is an entry level exam that is globally recognised as a standard for ethical hackers. It teaches the latest hacking and malware tactics to help you prevent complex security breaches.
Other entry level exams include the GPEN certificate from the Global Information Assurance Certification and the CPT (Certified Penetration Tester). For those seeking an intermediate-level qualification, PenTest+ by CompTIA and ECSA from the EC Security Council are recommendable.
For those already established in their careers, the best advanced qualifications for penetration testing put advanced skills to the test including manipulation and exploitation of shellcode, reverse engineering tasks, combating real-life vulnerabilities and evading antivirus software. The exams are not for the faint-hearted, with some even lasting as long as 48 hours. The best ones include:
- Certified Expert Penetration Tester
- LPT (Licensed Penetration Tester)
- OSCP (Offensive Security Certified Professional)
- OSEP (Offensive Security Experienced Penetration Tester)
What skills do you need to become a Penetration Testing Specialist?
To work in the penetration testing field, you should see if you have the required skills. These include:
- Scripting / Coding
- Strong working knowledge of networks
- Skillful command of operating systems
- Knowledge of vulnerabilities and exploits
- A desire to learn and stay current
- Clear communication skills
- Teamwork mentality
What is the salary of a penetration tester?
Graduate and junior penetration tester salaries typically start somewhere between £20,000 and £30,000. As you progress in your career, you can be earning between £40,000 and £65,000, rising to £70,000 for more senior and team leader roles. At the top of your career you could be earning a 6 figure salary. Job site Reed.co.uk estimates that the average salary for a Penetration Tester in the UK falls around £69,989, annually.