Web vulnerability researcher

An opportunity to join a world-class web security research team and champion the sharing of knowledge about web security vulnerabilities and how to find them.

PortSwigger role vacancy


Based in Cheshire in the United Kingdom, PortSwigger is a global leader in the cybersecurity sector. Our cutting-edge software is used by over 70,000 customers in 150 countries to help them secure their web applications. Our educational and research output is used by millions of people globally to learn about web security.

Our dedicated research team, led by James Kettle, has a track record of pioneering original research into new vulnerability classes and new takes on old bugs, including web cache poisoning, server-side template injection, HTTP request smuggling, CORS misconfigurations, and AngularJS injection.

We would now like to expand the capabilities of our research team with additional expertise in web security vulnerabilities and ways of testing for them.

Role details: Web vulnerability researcher

Timeframe: Permanent position.

Location: Knutsford, Cheshire, United Kingdom.

We are minutes from the M6, and easily commutable from Manchester, Stockport, Wilmslow, Warrington, Chester, Crewe, Macclesfield, and Northwich.

Salary: We pay excellent salaries above the normal market level, and this is always determined based on your individual skills and contribution.

Holidays: 25 days plus public holidays.

Discover why we work better together

Benefits: Share options, 8% employer pension contribution.

Life assurance: 4x salary.

Income protection: full pay for first 6 months of incapacity followed by 75% of salary plus pension contribution.

Private medical insurance (Bupa).

Working hours: Core hours are 9am to 5pm, with flexibility to start any time between 8am and 9.30am.

Apply, or ask any questions

About you

First and foremost, you're a hacker. You love playing with systems, and breaking them.

You've found your niche in web security: understanding the wealth of vulnerabilities that are out there, how to find them, and how to exploit them.

As a seasoned penetration tester, you've encountered pretty much every kind of web security bug there is. You enjoy telling war stories about the crazy bugs that you've found.

You thrive on sharing your knowledge and helping others to learn. You relish the idea of reaching a global audience and teaching them how to hack the web.

Any of the following get you excited:

Key responsibilities

You will:

Essential skills

Be well rewarded

We firmly believe in paying people what they're worth to us, not just what we can get away with or what they could earn elsewhere. We pay excellent salaries above the normal market level, and this is always determined based on your individual skills and contribution. In addition to a generous base salary, we offer share options and a comprehensive benefits package.

Why join PortSwigger?

Meet the Swiggers

We are a diverse group of people with a wide range of interests and backgrounds. What Swiggers have in common is that they all love their work and are exceptionally good at what they do.

Jess H

Jess H, Journalist

Mike S

Mike S, Software Developer

Mohamed H

Mohamed H, Software Developer