CREST / CHECK Certified Penetration Tester for UK Healthcare SaaS Platform
Job Description:
We are looking for an experienced penetration tester to perform a grey-box or black-box assessment on a healthcare-focused SaaS platform that integrates with UK government digital services (e.g. NHS EPS, DSP Toolkit compliance).
This is a security-critical project, and we require formal reporting aligned with UK regulatory standards.
Requirements (Must-Have 1 Certification):
Please only apply if you hold one of the following UK-recognised qualifications:
CREST Registered Penetration Tester (CRT)
CHECK Team Member
CHECK Team Leader
Tigerscheme CTM
Cyber Scheme Team Member (CSTM)
Cyber Scheme Team Leader (CSTL)
š Scope of Work:
Pen test of web application and REST APIs
Grey-box or black-box (depending on agreed access level)
Testing aligned with OWASP Top 10, OWASP API Top 10, and NIST standards
Final PDF report with:
Executive summary
Technical findings with CVSS scores
Proof-of-concept and screenshots
Remediation recommendations
š
Timeline:
š To Apply, Please Include:
Confirmation of which qualification you hold
A sample redacted report (if available)
Your availability over the next 1ā2 weeks
Fixed price quote for the engagement