A Day in the Life of a Pentester

Do you enjoy finding vulnerabilities, analysing systems in-depth, and contributing to digital security? At Orange, our teams protect network infrastructures every day, detect vulnerabilities, and take decisive actions to ensure the continuity of often critical services.

But what does that look like on a daily basis? Follow Mia, a pentester at Orange Cyberdefense in Oslo, as she explains her role and shares her typical day.

Digest

  • You switch between vulnerability research, client meetings, and recommendations.
 
  • You collaborate continuously with other cybersecurity experts.
 
  • You keep learning through varied and challenging assignments.
 
  • You work in an environment where ethical hacking is a shared passion.

What is the mission of a pentester at Orange?

In three words: test, document, advise. You identify security weaknesses, prepare intrusion tools to validate potential vulnerabilities, and suggest corrective actions.
"My job is to test the security of websites, applications, and information systems, especially to protect your data."

Mia, Pentester at Orange Cyberdefense.
Learn more
A sense of mutual respect and mindfulness permeates our culture-in fact, it’s the key to our success.

How does your day start as a cybersecurity expert?

With a coffee in hand, you catch up with the team. Then? You plan your day, check a technical point, and resume a test left on hold the day before. You dive straight into the work.

"Arriving at work, we chat with the team over coffee. I plan my day. Then I start researching a technical aspect that challenged me yesterday during a hacking test." 
Mia, Pentester at Orange Cyberdefense.

Solo or team: how does a pentester work?

Both. You are autonomous in your analyses but part of a collective. Here, no one gets stuck alone on a problem. We share, challenge each other, and progress together. A question about a vulnerability? Need expertise on a specific point? You ask, share your analysis, and sharpen your skills. The daily life of a pentester is about learning from others and contributing in return.

"During a coffee break, I asked one of my colleagues for help; his speciality is mobile intrusion testing. In the afternoon, I visit a client with two team members to present our report orally and answer questions. This assignment mainly involved social engineering, which happens to be my speciality."
Mia, Pentester at Orange Cyberdefense.

Do you meet clients daily at Orange Cyberdefense?

Yes, contact with client teams is daily, during meetings, presentations, and follow-ups. You explain the vulnerabilities of a sensitive site. You describe an intrusion test carried out two weeks earlier. You answer questions. Your mission goes beyond the technical aspects of ethical hacking; you advise, support, and reassure clients.

"At 10 a.m., just after leaving a client meeting, I write a quick report. I plan everything down to the smallest detail, including the hacking tools I will use. I send my proposal to the client. It will take about two weeks to analyse how the site is built, identify potential vulnerabilities, and test them.
Before lunch, I start drafting the security report for a client I’ve been working with for almost six months on vulnerability management. It gave us time to get to know each other well. Writing will take about two days, then I’ll present it to them."
Mia, Pentester at Orange Cyberdefense.

How do you handle follow-up after a cybersecurity test?

Documentation, reports, reusable scripts… nothing is left to chance. Each assignment feeds into the next. Clarity and rigour are key for yourself, your colleagues, and your clients.

"Early in the day, I identified a major security flaw (password-related), called the client’s IT manager immediately to inform them, and put a corrective action in place.
Later, back at the office after a client visit, I resumed testing an API. Documentation must be up to date! Tedious, but it saves so much time when writing reports and for future assignments."
Mia, Pentester at Orange Cyberdefense.

What makes each day different as a pentester at Orange?

It can be the industry, the approach to a mission, or the method used to test a client’s security. You evolve, adapt, and grow. Between a Red Team mission, a social engineering test, a banking website audit, and a mobile pentest… you never get bored.

"This morning, I started researching a technical aspect that challenged me yesterday during a hacking test. At 3 p.m., we begin a first meeting with a major player in healthcare managing medical data and social security numbers, sensitive data. Their new website is live, and they want us to perform intrusion tests.
After work, a question keeps me thinking; I can’t help doing some online research… pentesting is a passion!"
Mia, Pentester at Orange Cyberdefense.

Meet the Other Players in Data

An Orange employee working on his computer

Data Analyst

 
Two colleagues joking with each other

Data Engineer

 
A young Orange employee laughing in front of his computer

Data Scientist

 
An Orange employee working at a desk

Full Stack Developer