Composition of a CHECK team

Created:  26 Oct 2015
Updated:  15 Jan 2018

A CHECK team is composed of at least one CHECK Team Leader and a number of CHECK Team Members who have passed any of the NCSC accredited CREST, Cyber Scheme or Tiger Scheme examination. Only the NCSC may confer CHECK Team Leader/Member status.

Each proposed Team Member must have relevant qualifications with either CYBER/CREST or TIGER examination bodies. We must also have a reference, in email, to their Date of Birth and PAYE Tax Reference Number when requesting Check Team Member certified status.

Each proposed Team Leader must have relevant qualifications with either CYBER/CREST or TIGER examination bodies. We must also have their full Technical CV that includes; employment history dates, roles and responsibilities along with a reference to their Date of birth and PAYE tax reference number.

We also require that each Team Leader submits 2 redacted reports they have authored and answers to the following three questions, on a separate sheet of paper:

  • In the previous 3 years, how many months have you been employed primarily as a pen tester?
  • In the previous 12 months, how many penetration tests have you personally conducted? If under 10 please state the number of days spent performing penetration tests.
  • How many penetration test reports have you personally written in the last 12 months?

All members of a CHECK team will need to hold a valid SC clearance. If they already hold an SC clearance a copy of the certificate should be submitted along with their application.

Prospective CHECK Team Leaders and Team Members will have passed the relevant NCSC approved assault course. A minimum of 12 months experience as a penetration tester will be required to be demonstrated in the last 36 months for CHECK Team Leaders.

Note that inexperienced and trainee penetration testers will not be accepted into a CHECK team and that CHECK work should not be used as a training assignment.

As CHECK is a penetration testing scheme, we will not approve the addition of individuals who are not penetration testers.

Was this information helpful?

We need your feedback to improve this content.

Yes No