IT Security Test Engineer

Staff4Me is currently looking for a highly skilled and detail-oriented IT Security Test Engineer to join our team. As an IT Security Test Engineer, you will play a crucial role in ensuring the security and integrity of our systems and applications. You will be responsible for conducting security testing, identifying vulnerabilities, and providing recommendations for mitigation. Additionally, you will work closely with the development and operations teams to enhance security measures and drive continuous improvement.

Responsibilities

• Design and execute security testing strategies and plans for applications, systems, and network infrastructure.
• Identify vulnerabilities and security weaknesses through various testing techniques, including vulnerability scanning, penetration testing, and code review.
• Work closely with the development and operations teams to address identified security issues and drive security enhancements.
• Develop and optimize security testing tools and methodologies to ensure comprehensive coverage.
• Create detailed test reports and documentation, including vulnerability findings, risk assessments, and remediation recommendations.
• Stay up-to-date with the latest trends and advancements in information security and testing methodologies.
• Collaborate with cross-functional teams to ensure compliance with industry standards and regulations.
• Participate in incident response activities and provide support in handling security incidents.
• Conduct security awareness training for employees and promote a culture of security awareness and compliance.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3+ years of experience in IT security testing or a similar role.
• Strong knowledge of security testing methodologies and tools, such as vulnerability scanning tools, penetration testing frameworks, and code review tools.
• Experience in conducting vulnerability assessments, penetration testing, and security code reviews.
• Knowledge of industry standards and best practices, such as OWASP, NIST, and CIS.
• Familiarity with common security vulnerabilities and attack vectors.
• Strong understanding of network protocols, operating systems, and web technologies.
• Excellent analytical and problem-solving skills.
• Attention to detail and ability to work independently.
• Strong communication and collaboration skills.
• Related certifications such as CEH, CISSP, or OSCP are preferred.