Security Test Engineer - DV Cleared
The primary objectives of the Security Tester are to assure and enhance various security services provided to both internal and external clients. The services include technical security assessments of applications and infrastructure, security design reviews as well as risk assessments and test execution. This is a hands-on role, requiring technical skills from the hardware to the application layers.
The Security Tester (s) will interface with the ITEA and Security Managers, subcontractors, users and customer stakeholders in order to implement security test and acceptance activities. The successful candidate will support the Security Lead at customer and user workshops, meetings and milestone reviews and execute the main customer security acceptance events. Involvement with external IT Health Checks will also be required.
Security Test Engineer - 3 Month Contract - West London/Cambridgeshire - DV Cleared
- Write system security tests based on the security requirements
- Perform security tests on the systems under test
- Demonstrated security tests to the client on formal events
- Identify security defects and document them in the defect management tool
- Demonstrate resolved security defects at formal and ad hoc events to the client
- Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients
- Review and define requirements for information security solutions
- Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
- Participate in Security Assessments of networks, systems and applications
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
- Proven experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
- Working knowledge of Security principles, techniques and technologies
- Understanding of JSP440 and JSP604, their impact on Security models
- Good understanding of network protocols, design and operation
- Strong analytical skills and efficient problem solving
- Bachelor degree or higher in a technical discipline, or equivalent experience and knowledge
- Willingness to travel
- Good English communication skills (written and oral)
- CISSP, CISA, CEH, OSCP or other information security certifications;
- Application development background and security knowledge - example of languages include C, C#, C++, Java, J2EE;
- Vulnerability and threat management experience
- Experience with various security tools and products (Fortify, AppScan, etc.)
- Good understanding of the components of a secure DLC/SDLC
- Vulnerability analysis and application reversing skills and experience
- Understanding of cryptography principles
The programme is a very dynamic, information technology-focused effort with multiple subcontractors supporting an operationally oriented customer with numerous mission critical demands. The systems include a collection of infrastructure components of servers, storage, workstations, networking and printers, and also a number of image analysis, processing, storage and retrieval software solutions. The systems are deployed across a number of sites in the UK with a mobile field deployable component for use in the UK and abroad.
RECOMMEND A FRIEND: If you have professional friends/colleagues who would be interested in one of our roles and our excellent levels of service too, we'd like to recognise your recommendations with a 'thank you' of our own. For every colleague you refer who then starts a role through Datasource either Contract or Permanent, we will send you £300!
You will be required to hold a minimum of DV security clearance. If you do not hold an active DV clearance please familiarise yourself with the vetting process before applying.
Hit the 'Apply now' button to apply and to discuss this role further. We will be delighted to hear from you!
(c) Copyright Datasource Computer Employment Limited 2017.
Job Role: Security Test Engineer
Location: West London/Cambridgeshire
Duration: 3 Months
Start Date: ASAP
Clearance: DV Clearance