Penetration Tester - Supplementary Information

Created:  15 Feb 2016
Updated:  01 Aug 2016
Qualifications for the Penetration Tester role

For the Penetration Tester role the following qualifications are required:​

Practitioner Penetration Tester – SFIA Responsibility Level 3

  • CREST Practitioner Security Analyst
  • GCHQ Practitioner Penetration Tester

Senior Penetration Tester – SFIA Responsibility Level 4

  • Cyber Scheme Team Member
  • Tiger Scheme Qualified Security Tester
  • Crest Registered Tester
  • GCHQ Senior Penetration Tester

Principal Penetration Tester – SFIA Responsibility Level 5

  • CREST Certified Infrastructure Tester
  • CREST Certified Web Application Tester
  • Tiger Scheme Senior Security Tester
  • Tiger Scheme Web Application Tester
  • GCHQ Principal Penetration Tester
  • Cyber Certified Infrastructure Tester
  • Cyber Certified Web Application Tester

Lead Penetration Tester – SFIA Responsibility Level 6

Shall hold, or have previously held, a qualification that meets/met the skill, knowledge and competence requirements as defined in the Principal Penetration Tester role, and is either still qualified, or since qualifying has remained active in an area pertaining to penetration testing.

Related Pages

Penetration Testing

Composition of a CHECK team

CHECK fundamentals Principles



Was this information helpful?

We need your feedback to improve this content.

Yes No