Senior Security Testing Engineer DescriptionJob #: 74400
No less important is the safety, well-being and experience of our applicants. Therefore, until further notice, all EPAM employment interviews will be conducted remotely. Our recruitment professionals and hiring managers are standing by to ensure a robust and engaging virtual candidate experience. We look forward to speaking with you!
EPAM is looking for a Senior Security Testing Engineer to join the Security practice to work directly with our biggest enterprise customers.
• As Senior Security Testing engineer, you are required to have advanced technical expertise in security of Web or Mobile application or Infrastructure security.
• You will work independently being fully responsible for the results of the security assessment. Scope and tasks may vary depending on the project and customer needs.
• You will be engaged to perform penetration testing or vulnerability assessments of target system(s) in lawful and legitimate manner acting like an insider (internal penetration test) or external user.
• You may be involved in the full project security lifecycle from definition of security requirements till final security review and project closure.
- Develop security testing trainings to project team
- Planning and team management specific to security assessment
- Identify and implement relevant security specifications and standards
- Define security requirements and security testing strategy
- Define security tools and associated security checks
- Scoping and estimating tasks, as well as managing multiple tasks with minimal supervision
- Vulnerability assessments and penetration testing
- Collaborate with technical and management personnel across the full security assessment life cycle
- Document all disclosed issues using different reporting formats
- Provide remediation suggestions to correct disclosed issues
- Collaborate with personnel responsible for writing and presenting proposals to prospective clients
- 3+ years of proven practical experience in application or infrastructure security testing
- Ability to perform evaluation of requirements, processes, technologies from security standpoint
- Ability to select, educate and communicate the right solution based on client requirements and objectives
- Ability to explain assessment results to technical and non-technical personnel
- Understanding and practical experience in different security testing methodologies (OSSTM, OWASP, PTES)
- Experience in development of security-related documentation
- Experience in security assessments of Web Applications and Web Services (SOAP, RESTful) Or Experience in security assessments of Mobile applications (iOS, Android) Or Experience in assessments of network infrastructure
- Experience in security assessments of Cloud applications
- Ability to develop, implement and guide security assessments’ process on the project
Nice to have
- Certifications in security field (OSCP, OSCE, WPTX, PTX, etc.)
- Experience in Containers security assessments
- Experience in IoT security assessments
- Experience in creation of Threat Models and performing Security Risk Assessment
- Dynamic, entrepreneurial, high speed, high growth corporate environment
- Diverse multicultural, multi-functional, and multilingual work environment
- Opportunities for personal and career growth in a progressive industry
- Global scope, international projects
- Widespread training and development opportunities
- Unlimited access to LinkedIn learning solutions
- Competitive salary and various benefits
- Sport and social teams support, recreation area, advanced CSR programs