Skip to main content
Back to jobs

Academy Penetration Testing Consultant

External
Bridewell logoBridewell · Cardiff, UK
Full-timeHybridToday
MentoringPenetration TestingSAFe
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


About the role

Start Date: 14th September 2026 One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of the world's most trusted organisations. We are the trusted partner for operators of essential services and provide end-to-end cyber security capabilities that help our clients overcome their security challenges, allowing them to operate safely and securely. Bridewell holds the Gold level, Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly one team. The Opportunity As an Academy Penetration Tester Consultant, you will join Bridewell's 18-month Academy programme and begin your journey towards becoming a qualified offensive security professional. This pathway is designed for individuals with a strong interest in ethical hacking, technical problem solving and helping organisations understand and reduce cyber risk. Throughout the programme, you will develop the technical, consulting and client-facing skills needed to deliver high-quality penetration testing services across a range of environments. You will work alongside experienced penetration testers and offensive security consultants, gaining exposure to real client engagements while building the knowledge, confidence and professionalism required to succeed in a specialist security testing role. During your first six months, you will build a strong foundation in penetration testing methodology, technical security principles, professional consulting behaviours and client delivery. You will work towards key early-career milestones including Cyber Scheme Foundation Level (CSFL), gain a UK Cyber Security Council Professional Title at Associate level and the enrol on the Trainee Cyber Essentials Assessor (TCEA) pathway. This stage will focus on core technical skills, structured learning, shadowing experienced consultants and understanding how Bridewell delivers safe, ethical and high-quality security assessments. During this time, you will also shadow and work alongside experienced consultants, assisting with delivery of real client engagements. Between months seven and twelve, you will continue to develop your practical testing capability and begin delivering more client-facing work. You will deepen your understanding of web application testing, vulnerability identification, reporting and remediation advice, while continuing to build the consulting skills needed to communicate findings clearly and effectively. During this stage, you will work towards Burp Suite Certified Practitioner (BSCP) and complete the Honeycomb Core Consulting Skills training. In the final stage of the programme, from months thirteen to eighteen, you will focus on progressing towards recognised industry practitioner status. You will undertake the Cyber Scheme CSTM Practitioner Training, work towards Cyber Scheme Team Member (CSTM) exam and obtain your PraCSP Professional Title status leading to NCSC CHECK Team Member (CTM) status, as well as Cyber Essentials Plus Assessor. By this point, you will be expected to take on increasing responsibility across engagements, demonstrate sound technical judgement, and contribute to the delivery of penetration testing services with appropriate support and oversight. You will be supported throughout by a dedicated one-to-one mentor, experienced consultants within the offensive security team, and structured access to learning platforms including Hack The Box VIP+ and TCM Security Academy. This combination of formal training, hands-on practice, mentoring and real client experience will give you the opportunity to build a strong foundation for a long-term career in penetration testing. By the end of the Academy, you will have developed the skills, qualifications and practical experience needed to progress into a penetration testing consultant role, helping Bridewell's clients identify security weaknesses, understand technical risk and improve their resilience against real-world threats. Upon successful graduation form the Bridewell Academy you will have attained the following valuable qualifications: Cyber Scheme Foundation Level (CSFL) Cyber Scheme Team Member (CSTM) NCSC CHECK Team Member (CTM) Practitioner Cyber Security Professional (PraCSP) Cyber Essentials Assessor Support the delivery of penetration testing engagements under the guidance of experienced consultants. Follow agreed methodologies, rules of engagement, legal boundaries, and Bridewell quality standards. Carry out vulnerability identification, validation, evidence capture, and initial risk assessment. Contribute to penetration testing reports by documenting findings, impact, evidence, and remediation advice clearly and accurately. Support engagement preparation, including kick-off activities, connectivity checks, and client communication. Escalate risks, blockers, unexpected findings, or sco


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Bridewell? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect