Warning
Mae'r hysbyseb swydd hon wedi dod i ben ac mae'r ceisiadau wedi cau.
Security Tester
| Dyddiad hysbysebu: | 03 Hydref 2024 |
|---|---|
| Cyflog: | £31,000 i £43,000 bob mis |
| Oriau: | Llawn Amser |
| Dyddiad cau: | 02 Tachwedd 2024 |
| Lleoliad: | Aylesbury, Buckinghamshire |
| Gweithio o bell: | Hybrid - gweithio o bell hyd at 2 ddiwrnod yr wythnos |
| Cwmni: | Kelltron Consulting services Uk ltd |
| Math o swydd: | Parhaol |
| Cyfeirnod swydd: | KCS-JD1202 |
Crynodeb
Job Title: Security Tester
Location: Aylesbury
Job Type: Full-Time
Experience Required: 4-5 Years
Reports to: Managing Director
Industry: Information Technology / Cybersecurity
Job Summary:
We are seeking a skilled Security Tester with 4 to 5 years of experience to join our cybersecurity team. The Security Tester will be responsible for identifying and addressing security vulnerabilities across applications, systems, and networks. The role requires a hands-on professional with expertise in Security testing, vulnerability assessments, and secure coding practices, working closely with developers, engineers, and other stakeholders to ensure the overall security posture of the organization.
-Key Responsibilities:
1. Security Testing:
- Conduct in-depth penetration testing of web applications, mobile applications, APIs, and network infrastructure.
- Perform external and internal tests to uncover weaknesses in systems.
- Develop custom exploits, and simulate real-world attacks to validate security controls.
2. Vulnerability Assessments:
- Perform vulnerability scans and assessments using tools like Nessus, OpenVAS, Burp Suite, etc.
- Analyze scan results to prioritize vulnerabilities based on risk levels and provide actionable remediation steps.
- Ensure the timely identification and remediation of vulnerabilities, reporting critical findings to relevant teams.
3. Security Audits:
- Participate in security audits to ensure systems, applications, and environments comply with internal and external standards (such as OWASP, PCI-DSS, ISO/IEC 27001, NIST, GDPR).
- Develop and implement security test plans for various projects.
- Assist in refining and improving security testing methodologies.
4. Collaboration with Development Teams:
- Work closely with software developers and DevOps teams to review code and implement secure development practices (e.g., Secure SDLC, DevSecOps).
- Educate and assist teams with integrating automated security testing into CI/CD pipelines.
5. Incident Response and Reporting:
- Collaborate with the incident response team to support investigations, providing technical insights during and after security incidents.
- Create detailed reports outlining test results, vulnerabilities identified, and recommended mitigations.
6. Research and Innovation:
- Stay up-to-date with the latest security threats, trends, and technologies.
- Evaluate new tools and techniques to improve testing processes.
- Recommend and implement new security testing tools and frameworks where necessary.
Key Requirements:
Experience:
- 4-5 years of experience in security testing, penetration testing, and vulnerability assessments.
- Proven experience conducting penetration tests for web applications, networks, and cloud environments (AWS, Azure, etc.).
- Technical Skills:
- Proficiency in using tools such as Metasploit, Kali Linux, Burp Suite, Nessus, Nmap, Wireshark, OWASP ZAP, etc.
- Strong understanding of network protocols, operating systems, web technologies, and programming languages (e.g., Python, Bash, JavaScript).
- Familiarity with secure coding practices and code review processes.
- Hands-on experience with automated security testing in CI/CD pipelines.
- Certifications:
- Preferred certifications: OSCP, CEH, GWAPT, GPEN, or other relevant cybersecurity certifications.
- Soft Skills:
- Strong analytical skills and attention to detail.
- Excellent verbal and written communication skills.
- Ability to work independently and as part of a cross-functional team.
- Strong problem-solving and decision-making skills in a high-pressure environment.
Preferred Qualifications:
- Experience with cloud security testing (AWS, Azure, GCP).
- Knowledge of DevSecOps practices and tools (e.g., Jenkins, Git, Docker, Kubernetes).
- Familiarity with security frameworks and regulatory requirements (e.g., PCI-DSS, ISO 27001, GDPR).
Benefits
- 25 days of holiday, plus the option to buy or sell up to five additional days.
- A competitive salary and comprehensive benefits.
- Continuous learning and development opportunities.
Join KCS and contribute to shaping a secure digital future, leveraging our advanced products and services to make a significant impact in the field of cybersecurity.
To Apply:
Please send your resume and cover letter to hr@kelltron.com with the subject line "Security Tester Application – [Your Name]."
Location: Aylesbury
Job Type: Full-Time
Experience Required: 4-5 Years
Reports to: Managing Director
Industry: Information Technology / Cybersecurity
Job Summary:
We are seeking a skilled Security Tester with 4 to 5 years of experience to join our cybersecurity team. The Security Tester will be responsible for identifying and addressing security vulnerabilities across applications, systems, and networks. The role requires a hands-on professional with expertise in Security testing, vulnerability assessments, and secure coding practices, working closely with developers, engineers, and other stakeholders to ensure the overall security posture of the organization.
-Key Responsibilities:
1. Security Testing:
- Conduct in-depth penetration testing of web applications, mobile applications, APIs, and network infrastructure.
- Perform external and internal tests to uncover weaknesses in systems.
- Develop custom exploits, and simulate real-world attacks to validate security controls.
2. Vulnerability Assessments:
- Perform vulnerability scans and assessments using tools like Nessus, OpenVAS, Burp Suite, etc.
- Analyze scan results to prioritize vulnerabilities based on risk levels and provide actionable remediation steps.
- Ensure the timely identification and remediation of vulnerabilities, reporting critical findings to relevant teams.
3. Security Audits:
- Participate in security audits to ensure systems, applications, and environments comply with internal and external standards (such as OWASP, PCI-DSS, ISO/IEC 27001, NIST, GDPR).
- Develop and implement security test plans for various projects.
- Assist in refining and improving security testing methodologies.
4. Collaboration with Development Teams:
- Work closely with software developers and DevOps teams to review code and implement secure development practices (e.g., Secure SDLC, DevSecOps).
- Educate and assist teams with integrating automated security testing into CI/CD pipelines.
5. Incident Response and Reporting:
- Collaborate with the incident response team to support investigations, providing technical insights during and after security incidents.
- Create detailed reports outlining test results, vulnerabilities identified, and recommended mitigations.
6. Research and Innovation:
- Stay up-to-date with the latest security threats, trends, and technologies.
- Evaluate new tools and techniques to improve testing processes.
- Recommend and implement new security testing tools and frameworks where necessary.
Key Requirements:
Experience:
- 4-5 years of experience in security testing, penetration testing, and vulnerability assessments.
- Proven experience conducting penetration tests for web applications, networks, and cloud environments (AWS, Azure, etc.).
- Technical Skills:
- Proficiency in using tools such as Metasploit, Kali Linux, Burp Suite, Nessus, Nmap, Wireshark, OWASP ZAP, etc.
- Strong understanding of network protocols, operating systems, web technologies, and programming languages (e.g., Python, Bash, JavaScript).
- Familiarity with secure coding practices and code review processes.
- Hands-on experience with automated security testing in CI/CD pipelines.
- Certifications:
- Preferred certifications: OSCP, CEH, GWAPT, GPEN, or other relevant cybersecurity certifications.
- Soft Skills:
- Strong analytical skills and attention to detail.
- Excellent verbal and written communication skills.
- Ability to work independently and as part of a cross-functional team.
- Strong problem-solving and decision-making skills in a high-pressure environment.
Preferred Qualifications:
- Experience with cloud security testing (AWS, Azure, GCP).
- Knowledge of DevSecOps practices and tools (e.g., Jenkins, Git, Docker, Kubernetes).
- Familiarity with security frameworks and regulatory requirements (e.g., PCI-DSS, ISO 27001, GDPR).
Benefits
- 25 days of holiday, plus the option to buy or sell up to five additional days.
- A competitive salary and comprehensive benefits.
- Continuous learning and development opportunities.
Join KCS and contribute to shaping a secure digital future, leveraging our advanced products and services to make a significant impact in the field of cybersecurity.
To Apply:
Please send your resume and cover letter to hr@kelltron.com with the subject line "Security Tester Application – [Your Name]."