Job Description:
Summary:
This candidate plays a crucial role in ensuring the security of project systems, applications, and data. They are responsible for planning, coordinating, and executing security testing processes to identify vulnerabilities and weaknesses in the project’s IT applications and infrastructure. This role requires a deep understanding of cybersecurity principles, testing methodologies, and strong leadership skills.
Key Responsibilities:
- Security Test Strategy: Develop and implement a comprehensive security testing strategy to identify and mitigate vulnerabilities across various technology stacks and platforms.
- Test Planning: Create test plans, schedules, and resource allocation for security testing activities, considering the criticality of systems and applications.
- Team Leadership: Manage and lead a team of security testers, ensuring they are well-equipped, motivated, and focused on delivering high-quality results.
- Threat Assessment: Collaborate with security experts to identify potential threats and vulnerabilities, and prioritize testing efforts accordingly.
- Test Execution: Perform and coordinate security testing activities, such as penetration testing, vulnerability scanning, code review, and more.
- Reporting and Analysis: Analyze test results, prepare detailed reports on identified vulnerabilities, and recommend remediation measures.
- Compliance: Ensure that security testing aligns with industry standards, regulatory requirements, and best practices.
- Reporting: Maintain comprehensive documentation of security test procedures, results, and improvement recommendations.
- Communication: Effectively communicate security findings and recommendations to stakeholders, including IT teams, management, and external auditors.
- Risk Management: Identify and assess security risks, and work with stakeholders to develop risk mitigation strategies.
Qualifications:
- Mandatory relevant certifications such as CISSP/OSCP/CREST
- Bachelor's degree in computer science, cybersecurity, or related field
- Proven experience in security testing and vulnerability assessment.
- Proficiency in using various penetration testing tools such as Metasploit, Nmap, Burp Suite, and others.
- Strong knowledge of security testing tools and methodologies.
- Leadership and team management skills.
- Excellent problem-solving and analytical abilities.
- Knowledge of relevant security standards and compliance requirements.
Nice-to-have skills:
- Candidates for this role should have 6+ years of experience in cybersecurity, with at least 2 years in a leadership or managerial position.