We're looking for a Security Testing Senior Consultant to conduct tests simulating
cyber attacks to find exploitable weaknesses and define remediation plans, simulating
a threat actor attempting to gain unauthorized physical or logical access to an
environment.
You are expected to identify security vulnerabilities during the software development
lifecycle to ensure security by design and default. You will develop and execute
cybersecurity test plans, ensuring test quality and managing resource planning and
the resolution of issues that may impede the test effort.
As a team lead, you will mentor junior consultants and be a security thought leader
within the client and SGV.
Your Key Responsibilities
You will work on various Security Testing and Assurance projects for our clients or
internal projects.
As a team lead, team member or individual contributor, execute or lead security
testing and assurance projects. These may include:
o Conduct tests on mobile and web applications
o Conduct social engineering
o Execute red team scenarios
o Conduct security audits
o Coordinate with client operations and development teams to remediate or accept
risks
o Prepare security assessment reports
Provide guidance, coordinate and support teammates to execute security design
and assurance projects
Guide and review your peers and junior team members and provide timely and
constructive feedback
Prepare reports, documents and schedules that will be delivered to clients and
other parties
Conduct research to provide value-adding advice to the client
Contribute ideas with the team to complete and improve project output
Help in performance reviews and contribute to performance feedback for
staff/junior level team members
Develop positive relationships with client personnel, peers and management
Join and facilitate internal and external training, mentoring, learning and
certification opportunities
Participate in organization-wide people initiatives including thought
leadership and recruitment activities
Skills and attributes for success
A successful candidate will need a combination of technical and communication
skills, as well as the ability to handle a mix of diverse testing activities and project
work.
Technical knowledge. Able to demonstrate and apply security concepts;
knowledge of system and application security threats and vulnerabilities; current and
emerging threats / threat vectors; principles used to manage risks related to the use,
processing, storage and transmission of information or data; incident response and
handling methodologies; methods for evaluating, implementing, and disseminating
information technology (IT) security assessment, monitoring, detection and
remediation tools and procedures utilizing standards-based concepts and
capabilities; the risk associated with new and emerging information technology (IT)
and cybersecurity technologies
Mentoring. Able to guide and coach team members in career progression and
service delivery
Teaming. Able to build relationships across the business and promote a
collaborative culture across teams
Client relationship. Able to build deep relationships with clients to understand
their challenges better and align the right solutions
Innovative and transformative mindset. Able to understand complex problems
and respond with innovative and transformative solutions
Communication and presentation skills. Able to deliver high-quality deliverables
articulated in written reports and communicated during presentations to both IT and
business audiences.
To qualify for the role, you must have:
A bachelor's degree in IT, computer science, computer engineering,
management, business administration, or any related field
At least one year of relevant experience in security testing, and be comfortable
using the following software and programs:
o Security assessment tools such as Burp Suite, sqlmap, Nmap, Nessus,
Rapid7
o Operating systems such as Windows, Linux, Unix and web platforms
o Programming languages and frameworks such as SQL, C++, JavaScript,
Ruby, Python
In-depth understanding of OWASP Top 10 and ability to effectively communicate
methodologies and techniques with the development teams
Hands-on experience of penetration testing across various networks and web
applications, as well as social engineering and physical penetration testing
Good understanding of security practices on vulnerability assessment,
penetration testing, network security, security operations, software development
Good understanding of web services, distributed systems or mobile applications
Good written and verbal technical communication skills
Desire to learn new techniques, frameworks and technologies
Willingness to take cybersecurity certifications and external trainings
Preferably, you also have
Relevant professional certification such as CISSP, CISA, CEH, OSCP, or other
similar industry recognized certifications
Ability to juggle many tasks and projects in a fast-moving environment
Support SDLC and agile environments with application security testing
Ability to develop automated solutions to execute security testing
Good understanding of cloud security and modern architecture (microservices,
serverless and automated delivery) and testing in these environments
Experience in working in consulting roles, interacting with clients, third parties or
security vendors
Good understanding of cryptography as applied in security such as SSL and key
management
Good understanding of secure software development lifecycle, DevSecOps,
automated software delivery
Good understanding of cloud security and modern architecture
Hands-on experience with IT security (application security, threat modeling,
vulnerability assessment, penetration testing, security operations)
What's in it for you
We offer a competitive remuneration package where you'll be rewarded for your
individual and team performance. Our comprehensive Total Rewards package
includes support for flexible working and career development, benefits that suit your
needs, covering holidays, health and well-being, insurance, savings, and a wide range
of discounts, offers and promotions.
Plus, we offer:
Continuous learning: You'll develop the mindset and skills to navigate whatever
comes next.
Success as defined by you: We'll provide the tools and flexibility, so you can
make a meaningful impact, your way.
Transformative leadership: We'll give you the insights, coaching and confidence
to be the leader the world needs.
Diverse and inclusive culture: You'll be embraced for who you are and
empowered to use your voice to help others find theirs.
Masters/ Post Graduate, Bachelors/ Degree
Date Posted: 05/08/2024
Job ID: 87543493
SGV&Co. is currently the Philippines' largest multi-disciplinary professional services firm with nine offices across the country. The Firm employs more than 5,000 professionals from various disciplines. We provide integrated solutions that draw on diverse and deep competencies in assurance, tax, strategy and transactions, and consulting services.
(https://www.sgv.ph/about-us)