Security Penetration Tester

Job Description

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

About Us

Our mission at BAE Systems Digital Intelligence is to collect, connect and understand complex data, so that our customers can unlock digital advantage in the most demanding environments.

At our Malaysian Global Delivery Centre, we work with clients from around the world to deliver cyber technical services to support our customers in keeping their systems secure in today’s hostile digital world.

As an Security Penetration Tester, you will perform comprehensive penetration testing assessments across a wide range of sectors and produce comprehensive written reports to meet high industry standards. Beyond the testing itself, you will be involved in client pre-engagement processes, contributing to scoping tasks and drafting proposals.

This position is part of our global Cyber Technical Services team, which includes adjacent areas such as Threat Intelligence and SOC Consulting.

Your role will involve:

• Delivery of end-to-end security testing engagements, including scoping and client wash-up meetings.

• Performing a wide range of security testing types such as web application, infrastructure and objective based/red teaming.

• Production of detailed reporting and presentations for both technical and non-technical stakeholders.

• Safe and responsible use of testing tools, ensuring controls are in place to limit risks during customer engagements.

• Developing improvements in terms of scripts, tools, or techniques to enhance the Security Testing team's capabilities.

• Maintaining an up-to-date knowledge of information security issues, continuously learning about new technologies, methodologies, and techniques.

• Knowledge sharing with colleagues in other teams, such as Threat Intelligence, Incident Response, and the wider Security Consulting community.

• Assist and support team members in troubleshooting complex technical issues, reviewing vulnerability findings, and validating penetration test results to uphold high standards of accuracy, consistency, and reporting quality.

• In the longer term there may be opportunity for international travel to deliver for our global customers at customer sites.

Role requirements

• At least 3 years of relevant work experience in common offensive penetration testing domains such as testing of web applications, infrastructure and red teaming. Experience with wireless and mobile testing also an advantage.

• We are looking for those with a passion for cybersecurity. Those who contribute to cybersecurity related blogs, engage in vulnerability research/bug bounties or other community related events will be looked at favourably

• Evidenced skills through industry recognised certifications such OSCP, CREST or CRTO

• Confident communicator with excellent spoken and written English communication skills

• Experience using common industry tools such as Kali Linux, Nessus & Burpsuite

Desirable

• Knowledge of C2 frameworks such as Cobalt Strike

• Threat hunting or compromised assessment experience

What We Offer

• You will have a dedicated line Manager to help you develop your career and guide you on your journey through BAE Systems Digital Intelligence.

• We will support your personal training and development in the areas of cybersecurity by sponsoring training courses and certification exams (i.e OSCP, CREST, CRTO).

• Work-life balance is important; you will get 18 days holiday a year (increases to 21 after 5 years’ service).

• We support hybrid working and give flexibility for teams to decide on the balance between remote and office-based working.

• Our benefits package includes private family medical cover, maternity (4 months), paternity (2 weeks), study leave & Optical/ Dental/ Health screening allowance.

• You’ll be part of our annual bonus and share award scheme.

Why BAE Systems?

This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation.