ICT security tester

Job Scope Description:

The ICT Security Tester is responsible for evaluating and improving the security posture of the organization's Information and Communications Technology (ICT) infrastructure. They will use various manual and automated testing techniques to identify vulnerabilities and weaknesses in systems, applications, and networks. The ICT Security Tester will work closely with IT teams to ensure that security risks are mitigated effectively and efficiently.

Key Responsibilities:

1. Security Assessment and Testing:Conduct comprehensive security assessments of ICT systems, applications, and networks.
   Perform penetration testing to identify vulnerabilities and exploit weaknesses.
   Execute vulnerability assessments using automated scanning tools and manual techniques.
   Perform security code reviews to identify potential flaws in software.
   Simulate real-world attacks to evaluate the effectiveness of security controls.
   
2. Reporting and Remediation:Document and report security findings clearly and concisely.
   Prioritize vulnerabilities based on their potential impact and likelihood of exploitation.
   Provide recommendations for remediation and mitigation strategies.
   Work with IT teams to implement fixes and address security risks.
   Verify that remediation efforts have been successful.
   
3. Security Research and Development:Stay current on the latest security threats, vulnerabilities, and attack techniques.
   Research and evaluate new security tools and technologies.
   Develop custom testing scripts and methodologies to address specific security concerns.
   Contribute to the development of security policies, procedures, and standards.
   
4. Collaboration and Communication:Work closely with IT teams, including developers, system administrators, and network engineers.
   Communicate effectively with technical and non-technical stakeholders.
   Provide training and awareness programs to educate employees about security best practices.
   Participate in incident response activities as needed.
   

Qualifications and Skills:

• Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience: Proven experience in security testing, penetration testing, or vulnerability assessment.
• Certifications: Industry-recognized certifications such as OSCP, CEH, CISSP, or similar are highly desirable.
• Technical Skills:Strong understanding of security principles, protocols, and technologies.
  Proficiency in using security testing tools, both commercial and open-source.
  Experience with scripting languages (e.g., Python, Bash) for automation.
  Knowledge of network protocols and architectures.
  Familiarity with operating systems, databases, and web applications.
  
• Soft Skills:Excellent analytical and problem-solving skills.
  Strong written and verbal communication skills.
  
• Ability to work independently and as part of a team.
• Strong attention to detail.
• Passion for learning and staying up-to-date on security trends.
  

Additional Considerations:

• Familiarisation with Pen-testing and VA tools will be advantageous
• The ICT Security Tester may be required to work outside of normal business hours during security incidents or critical testing periods.
• This position requires a high level of confidentiality and integrity due to the sensitive nature of the information handled.