Security Test Analyst (Pen Test, Information Security, Security Testing, Cloud, AWS, OSCP/OSCE) - Hybrid working - £60-80k
My client is looking for a QA Test Analyst (Pen Test, Information Security, Security Testing, Cloud, AWS, OSCP/OSCE) to join their team to review requirements and architectural designs and develop test cases which ensure the Security requirements have been met. By doing this, solutions can be delivered which comply with all relevant and necessary security standards / client security guidelines. In this role, the successful QA Test Analyst (Pen Test, Information Security, Security Testing, Cloud, AWS, OSCP/OSCE) will be comfortable delivering test services and working with clients both on site and remotely.
My client has revolutionized how employees and customers connect by implementing automated, assurance-driven networking. They have several products and services available which can tailor to the clients every need.
Required skills (Pen Test, Information Security, Security Testing, Cloud, AWS, OSCP/OSCE)
- Hands-on experience with IT/ Information Security/ cyber security / Network Security standards and frameworks (IS027001, NIST, CSF and GITC).
- Comfortable analysing test results and report on vulnerabilities, security issues and compliance failures.
- Experience in Application & Infrastructure Security Testing (Static Application Security Testing, Dynamic Application Security Testing, Interactive Application Security Testing etc)
- Understanding of OWASP and other penetration testing methodologies
- Knowledge analysing & reviewing Pen Test Results.
- Experience using Security Testing Tools (MicroFocus Fortify SCA, WebInspect, App Defender, Black Duck, Sonatype, Qualys and TripWire).
- Source code review experience.
- Working knowledge of creating technical and managerial level reports and risk assessments for Cloud based applications and infrastructure.
- Good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
- Proven industry experience in application and infrastructure security testing.
- Certifications in Offensive Security (OSCP/OSCE), GITC, GIAC, GISF, ISECOM, (ISC)2 (CISSP, SSCP, CCSP), EC-Council (CEH), CISA.
Tools used (Pen Test, Information Security, Security Testing, Cloud, AWS, OSCP/OSCE)
- SIEM - ArcSight, Splunk, Microsoft Sentinel, AWS Guard Duty
- Application Security - SAST and DAST
- Vulnerability Management- Tripwire IP360
- API Testing tools - SOAP UI
- Good experience in identifying the server generated system alerts
- Operating Systems; Unix (Linux and /or Solaris), Windows
- Database - Microsoft SQL Server, Oracle RDBMS
- Familiar and hands-on experience with Kali Linux distribution and associated tools
- Familiar with working in Cloud environments (AWS, Azure, G-Cloud)
- Familiar and hands-on experience with CI/CD pipelines and implementation of Security Testing within a CI/CD pipeline
This role is based in London, pays £60-80k (depending on experience) and requires a mixture of working in the office and WFH.
If this sounds like something you would be interested in, please click on the apply button below,