Senior Information Security Analyst - Testing Team


This job does not exist anymore.

Try running a new search or browse our vacancies.

Or fill in the form below to receive job alerts.

2018-03-27 12:25:161970-01-01ViaResource
Job Type Permanent Full Time
Area London, United Kingdom Coventry , United Kingdom
Sector Retail
Start Date
Job Ref CXE10462
Description
Our client, a globally recognised retailer, is looking for a Senior Information Security Analyst to be responsible for Security Testing, including working with BAU Teams, Programme/Project teams, Agile delivery teams, Developers, Infrastructure Engineers and DevOps teams to ensure that IT projects are delivered securely, protecting client and employee data and ensuring continual compliance with Information Security policies and standards.  
 
This person will also scope, co-ordinate and perform Penetration Testing and other Security Testing in support of In-House Development utilising Waterfall and Agile delivery methodologies; manage remediation of identified vulnerabilities and participate in the full risk management lifecycle.
 
Key Responsibilities for the Senior Information Security Analyst – Penetration Tester
  • Manage internal security assurance for internally developed applications within a DevOps environment.
  • Scope penetration testing for both internal and external facing applications Manage external resources to ensure that penetration testing is carried out to a suitable standard on time and within budget.
  • Manage the internal vulnerability scanning programme to ensure that scans are planned and carried out in a timely manner.
  • Responsible for performing internal security testing, including detailed and actionable reporting.
  • Responsible for ensuring that vulnerabilities identified via internal scanning programme, Internal or external penetration testing are suitably mitigated and any residual risks are documented and formally accepted.
  • Conduct Information Security Risk Assessments using the Information Security Risk Management Process.
  • Ensures the benefits of Information security and concept of risks is understood by all colleagues
  • Pro-actively manages security risk assessments and mitigation plans to address risks within agreed timescales, evaluating business impact
  • Provides advice and guidance associated with the planning, design, implementation and improvement of system security taking account of current best practice, legislation and regulation
 
Mandatory Skills & Experience of the Senior Information Security Analyst – Penetration Tester
  • Extensive knowledge of OWASP vulnerabilities, tools and methodologies
  • Extensive knowledge of HTTP, PCI ASV and SSDLC
  • Hands on experience performing penetration testing
  • Demonstrates extensive knowledge of good security practice covering the physical and logical aspects of information products, systems integrity and confidentiality
  • Expert in methods and techniques for risk management, business impact analysis, countermeasures and contingency arrangements relating to the serious disruption of IT services
  • Expert in tools or systems which provides access security control (i.e. prevents unauthorised system access)
  • Strong current knowledge of PCI, DPA and ISO27001.
  • At least one of the following information security testing certifications OSCP, GIAC, CEH, Qualys Certified Specialist.
  • Current Information Security qualifications/certifications e.g. CISSP, CISM, CRISC, CISA etc
  • Experience using  web application vulnerability scanning tools (e.g., Qualys WAS, IBM AppScan, HP Web inspect etc)
  • Experience of using  (SAST) Static Application security testing /Source Code Analysis tools such (e.g. HP Fortify, Veracode, Checkmarx
 
Keywords
SectorClear
AreaClear
Job TypeClear
Sign in
Register
Similar Jobs
Email Me Jobs Like This
Subscribed to similar jobs notifications

Contact

 

Via resource Group
Braywick House West
Windsor Road
Maidenhead
SL6 1DN
United Kingdom

+44 0203 327 1996

Our partners

REC Logo 2 cyber essential logo2 Crown Commercial Service G Cloud 8

We use cookies to provide you with the best possible browsing experience on our website. You can find out more below.
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
+Necessary
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
ResolutionUsed to ensure the correct version of the site is displayed to your device.
essential
SessionUsed to track your user session on our website.
essential
+Statistics
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Google AnalyticsGoogle Analytics is an analytics tool to measure website, app, digital and offline data to gain user insights.
Yes
No

More Details