QA-security testing

QA-security testing

  • Telecomunicații
  • Cluj, RO

• Have technical knowledge and hands-on experience with IT/information security/ cyber security / Network Security standards and frameworks such as ISO27001, NIST CSF and GITC
• Good experience in Application & Infrastucture Security Testing including Static Application Secuirty Testing, Dynamic Application Security Testing, Interactive Application Secuirty Testing, Maritime Asset Security And Training , Run Time Application Secuirty Testing and Security Compliance Activities
• Good understanding of #OWASP and other penetration testing methodologies. Good knowledge on analysing & reviewing the Pen Test Results
• Experience of security testing toolsets e.g. #MicroFocus Fortify #SCA (Static
• Analysis) WebInspect (Dynamic Vulnerability), #App #Defender, #Black #Duck, Sonatype (opensource), Qualys (DAST) and #TripWire# (IP360)
• Experience in Security QA Testing (compliance controls, Threat Management, Security Architecture Assessment, Cloud 3rd Party Risk Assessment, Vulnerability Mgt.)
• Source code review experience.
• Experience in  using HP ALM, Jira
• Experience on Security Incident Event Management (ArcSight & Splunk)
• Track record of developing test security scripts, detailed test planning and test delivery of complex requirements involving multiple applications and platforms
Role:
• Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis
• Strong analytical skills with a proven track record of requirements mapping and traceability
• Exposure to testing in rigorous security regimes/ design
• Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure
• Interface and collaborate with multiple groups and/or managerial staff to eloquently describe and implement security solutions
• Expert knowledge of Cloud infrastructure, security architectures, and standards
• Able to demonstrate clear understanding of current threats to Cloud infrastructure/IT infrastructures / Network Infrastructure at technical and managerial levels
• Strong technical writing and verbal communication skills required
• Knowledge of web security concepts covering network through application layers
• Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc...
• Good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
• Knowledge of AWS services and security controls.
• Proven industry experience in application and infrastructure security testing
Participă la discuţie
Guest
fulltime

Cluj, RO

Aptitudini / abilităţi

  • Cloud
  • Security
  • AWS
  • Apache HTTP Server
  • Internet Protocol Suite (TCP/IP)
  • JIRA
  • Network Infrastructure
  • Network Security
  • QA Automation
  • Qualys
  • SQA Team Test
  • Splunk

Crează-ţi contul