Cookies — it's your choice

At Bright Network we use cookies and similar technologies to help deliver you the best possible experience. Some are necessary to help our website work properly and can't be switched off, and some are optional but support Bright Network in building and running the service that we provide to you.

Data we store

You can find out more in our privacy policy at any time by going to the link in our footer.

  1. Home
  2. Internships
  3. Technology & IT Infrastructure
  4. Internship Penetration Testing Cyber Security 2022
Lock Applications for this job are now closed
Closing soon

Founded in 2003, Nettitude is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace. Through our research and innovation centres, we provide threat led services that span technical assurance, consulting and managed detection and response offerings.

To learn more, please visit https://www.nettitude.com/

The role

We have a dedicated Penetration Testing team within our business and due to continued growth we have two opportunities for internships.

The role includes training and you will be included in our Accelerator Scheme course which will teach you about penetration testing methodology and client interaction. You will also be responsible for delivering Managed Vulnerability Scanning and PCI assessments using our ASV platform which will familiarise you with the types of vulnerabilities often encountered and how they are remediated.

During your internship you will start to become involved in live penetration tests with our clients where you will shadow our senior consultants and begin to perform your own engagements with support. This will give you an understanding of the full life-cycle of a penetration test and some real-life experience in being a pentester. You’ll also be helping out and supporting the team with other tasks that come in to help us function efficiently.

The move to remote working has come with some challenges and part of our model is building and sending laptops to our clients in order to provide remote testing capabilities. Part of your job role would consist of managing this process, ensuring that laptops are built and delivered to our clients by courier and collected again to support the testing.

This role will provide a wealth of experience in many areas and give you a true to life view of what it is like to be a penetration tester at Nettitude.

Location

This role is office based, however may include operating from a remote perspective subject to updates and changes to Nettitude’s COVID policy and guidance. The role is open to applicants across the UK. Applicants need the right to work in the UK.

What you’ll be doing

In your role you will:

  • Learn the technical and soft skills needed to perform penetration testing in a guided and group setting with the Accelerators.
  • Perform Managed Vulnerability Scanning and PCI assessments.
  • Manage the building and delivery of our remote laptops to our clients, ensuring that remote tests can be carried out effectively.
  • After your training has completed, start to perform penetration tests from end to end, including kick off calls and debriefs.
  • Support the penetration testing team and wider business with additional tasks when required.
  • Presenting and discussing findings with clients.
  • Joining in on our team meetings and clinic days, discussing and presenting interesting tools, techniques and vulnerabilities.

Key skills

  • Demonstrably strong technical, social and presentation skills.
  • Demonstrably strong written and speaking English skills.
  • Demonstrably strong analytical/problem solving skills.
  • Demonstrably strong time and task management skills.
  • Ability to learn quickly and research unknown topics.

Desirable knowledge & experience

  • Currently studying a Computer related degree and looking for placement year.
  • An interest and passion for penetration testing.
  • Technical knowledge of hacking and penetration testing techniques.
  • Experience with capture the flag / hackathon type events.

What we offer

  • The opportunity to learn from experience and skilled penetration testers.
  • A comprehensive training course covering web application, external infrastructure and internal infrastructure.
  • Regular clinic days where the whole team attends presentations by other team members or guest speakers. These can also include CTFs and digital detox days.
  • Opportunities to become familiar with technology such as the cloud and IoT and how security relates to them.
  • A chance to get real world and hands on experience at being a Penetration Tester at Nettitude.

Apply?

Are you interested in this job? Apply now via the ‘apply’ button and upload your C.V. and cover letter to:

You will also need to complete our capture the flag exercise and send us a written file outlining how you managed to get capture the flag.

Once you have applied through the capture the flag, your application will be reviewed within a week and, if your application is successful, we will schedule an interview with you at the next available date.

The capture the flag exercise will require some out of the box thinking and problem solving skills in order to get to the flag. You will encounter a mixture of disciplines and may need to do some research, but we will be looking for not only for the flags you get but the challenges you had to overcome in your written analysis. More details on the rules and conditions for the capture the flag can be found on the link below, please ensure you have read and understood them. Good luck, and enjoy!

Please sign up for an account on our Nettitude Accelerator Programme Capture the Flag) site here:

https://nettitude.ctf.acceleratorscheme.com/register-front.php?SF_Integration_Code=35319

For all flags corresponding to VM based challenges, you need to submit a written file as well. This will be a text file containing a brief description of how you managed to get the flag. Non VM-based challenges do not require a written analysis.

You can submit a written analysis even if you didn’t get the flag; we appreciate the thought process, not only arriving to the destination and getting the flag. Whilst we encourage people to put their wits against all the challenges we have on offer, completion of all is not required to be considered for the programme.  Two well written analyses would be enough to apply and be considered for the role.

Rules of engagement

All rules are specified on our CTF system; you must read and abide by the rules and engagement.

The labs.nettitude.com website and all associated infrastructure (e.g. CTF registration server, etc.) are strictly out of scope.  The system clearly states what is in scope.

If you encounter any issues, please contact an admin at: administrator@acceleratorscheme.com

We will be reviewing candidates’ submissions weekly and will contact those who are successful via e-mail to arrange a telephone interview.

Good luck!