Description
Location: Slough, England
Duration: 6 months
Job Description:
Security Test Engineer in Smart Metering
Our client is leader in providing cutting-edge Technology to the Telco industry and we are looking for a Security Test Engineer having more than 6 years experience to join tech team.
Skills:
- Have technical knowledge and hands-on experience with IT/information security/cyber security/Network Security standards and frameworks such as ISO27001, NIST CSF and GITC
- Good experience in Application & Infrastructure Security Testing including Static Application Secuirty Testing, Dynamic Application Security Testing, Interactive Application Secuirty Testing, Maritime Asset Security And Training, Run Time Application Secuirty Testing and Security Compliance Activities
- Good understanding of OWASP and other penetration testing methodologies. Good knowledge on analysing & reviewing the Pen Test Results
- Experience of security testing toolsets eg MicroFocus Fortify SCA (Static Analysis) WebInspect (Dynamic Vulnerability), App Defender, Black Duck, Sonatype (opensource), Qualys (DAST) and TripWire (IP360)
- Experience in Security QA Testing (compliance controls, Threat Management, Security Architecture Assessment, Cloud 3rd Party Risk Assessment, Vulnerability Mgt.)
- Source code review experience.
- Experience in using HP ALM, Jira
- Experience on Security Incident Event Management (ArcSight & Splunk)
- Track record of developing test security scripts, detailed test planning and test delivery of complex requirements involving multiple applications and platforms
Role:
- Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis
- Strong analytical skills with a proven track record of requirements mapping and traceability
- Exposure to testing in rigorous security regimes/design
- Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure
- Interface and collaborate with multiple groups and/or managerial staff to eloquently describe and implement security solutions
- Expert knowledge of Cloud infrastructure, security architectures, and standards
- Able to demonstrate clear understanding of current threats to Cloud infrastructure/IT infrastructures/Network Infrastructure at technical and managerial levels
- Strong technical writing and verbal communication skills required
- Knowledge of web security concepts covering network through application layers
- Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc...