Evolution Jobs
01925 820 555
  • uk
  • de
  • au
  • sg
  • eu

Penetration Tester – Automation

£65000 - £75000 + excellent benefits
Job Type
Evolution Recruitment Solutions https://www.evolutionjobs.com/

My client is urgently seeking an Application Security Testing Consultant who will responsible for the automation of testing within their client’s CI/CD pipeline. You will have hands on experience using both open and closed source tooling and be able to provide advice on the best tools to protect the pipeline.

Job Responsibilities;

  • Develop a secure SDLC improvement strategy and roadmap.
  • Provide technical Security leadership within a software engineering environment.
  • Produce gap analysis on current controls and configurations using NCSC, OWASP and Safecode. including;
    • Repo configuration and management
    • The tuning and configuration of tooling.
    • Optimisation of Automated processes.
    • Awareness of good practice across development/feature teams.
  • Contribute to the Technical Design Authority and Security Risk & Assurance Forum, ensuring secure design architecture and levels of risk feed into the decision-making process.
  • To influence security best practice and ensure information security requirements are fully considered and implemented as part of the design throughout the projects and products lifecycle. This includes application development and infrastructure related projects, including use of latest cloud technologies.
  • Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter measures to mitigate identified information risks.

Key Skills;

  • Broad range of knowledge across web, mobile and cloud security.
  • You have a good understanding of software testing and the secure software development life cycle.
  • Good understanding of the application of security within the CICD environment.
  • You have experience working with Security Tooling e.g. OWASP ZAPP, SNYK and Fortify
  • Have practical experience working with NIST, OWASP top 10, Safecode, CIS top 20, NCSC Security policy Standards, ISO/IEC 27001.
  • Building and implementing secure by design principals within secure development life cycle (SDLC).
  • Awareness of appropriate software development languages e.g. Terraform, Ansible, Python, Java
  • Possess awareness and understanding of HMG and NCSC Security policies, standards and guidance.
  • These roles are very urgent with immediate start date available. Please contact Rob Wall at Evolution Recruitment for a confidential chat.

      .NET Development