Should I Consider a Career in Penetration Testing?

There are many new age jobs available in the 21st Century that our parents can’t quite get their heads around. Whether it is an SEO specialist or UX designer, one of the most new and interesting careers that exists is known as a ‘penetration tester.’

A penetration tester will test out the vulnerabilities of a company’s website and IT security and identifies any holes that could be exploited by hackers. 

Cybersecurity is big business. In fact, experts suggest that there is some kind of cyber attack against an individual, SME or business every four seconds and the cost to the world economy exceeds more than $6bn per year.

In a fast-growing space and a very niche product offering, a career in penetration testing could be very appealing.

What does a penetration tester do?

A penetration tester or team is involved in finding any holes or problems with a company’s IT security and they present any vulnerabilities and how to safeguard them. This may include looking at passwords, firewalls, servers, content management systems, databases, back-ups, monitoring and more - and then providing the systems to uphold these security measures.

The tester essentially has to hack into the site to find any loose areas, hence the role is also commonly known as ‘ethical hacking.’

A penetration tester may work independently or with a company and their clients could include banks, insurers, online platforms, councils, online retailers or anyone holding important data or needing to operate smoothly online.

For instance, if a major UK bank, global email provider or social media network was hacked and went down for hours, there would be huge financial repercussions, including damage to their brand and share price volatility. Many firms have already suffered data breaches and this has been very costly, including Manchester United, Linkedin and Equifax.

How do you become a penetration tester?

The Certified Ethical Hacker Certification (CEH) is an entry level exam that is globally recognised as a standard for ethical hackers. Advanced qualifications include Certified Expert Penetration Tester, LPT (Licensed Penetration Tester), OSCP (Offensive Security Certified Professional) and OSCE (Offensive Security Certified Expert).

However, a lot of people fall into penetration testing from other backgrounds in IT, including software development, app building, programming or system operation. You may also find that testers come out of the army or intelligence units with a knowledge of penetration testing that they can transfer. For more information, read this guide on how to become a penetration testing specialist.

Technology moves fast and a lot of the job involves learning as you go or being trained by the employer you work for.

Is it a good career?

Yes, penetration testing is a good career in 2021 and there is certainly a huge demand for this very specific skill set - especially since cyber attacks are a constant threat year-on-year.

Starting salaries range from £20,000 to £30,000 and this tends to increase with more experience and progression in your career. Job site Reed.co.uk estimates that the average salary for a penetration tester in the UK is around £70,000 per year.