Security Consultant/Test Lead
I am currently working with a client who are looking for a Security Test Lead to come in and lead the security test aspect within the organisation. This role requires both hands on technical expertise as well as the ability to lead and work closely with relevant stakeholders.
Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis
Strong analytical skills with a proven track record of requirements mapping and trace-ability
Exposure to testing in rigorous security regimes/ design
Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure
Interface and collaborate with multiple groups and/or managerial staff to eloquently describe and implement security solutions
Expert knowledge of Cloud infrastructure, security architectures, and standards
Able to demonstrate clear understanding of current threats to Cloud infrastructure/IT infrastructures / Network Infrastructure at technical and managerial levels
Strong technical writing and verbal communication skills required
Knowledge of web security concepts covering network through application layers
Good understanding of the protocols underpinning the web – TCP/IP, HTTP, SSL/TLS etc…
Good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
Knowledge of AWS services and security controls.
Proven industry experience in application and infrastructure security testing
Suitable candidates should have the following experience:
Technical knowledge and hands-on experience with IT/information security/ cyber security / Network Security standards and frameworks such as ISO27001, NIST CSF and GITC
Experience in Application & Infrastructure Security Testing including Static Application Security Testing, Dynamic Application Security Testing, Interactive Application Security Testing, Maritime Asset Security And Training , Run Time Application Security Testing and Security Compliance Activities
Understanding of OWASP and other penetration testing methodologies. Good knowledge on analysing & reviewing the Pen Test Results
Experience of security testing toolsets e.g. MicroFocus Fortify SCA (Static Analysis) WebInspect (Dynamic Vulnerability), App Defender, Black Duck, Sonatype (opensource), Qualys (DAST) and TripWire (IP360)
Experience in Security QA Testing (compliance controls, Threat Management, Security Architecture Assessment, Cloud 3rd Party Risk Assessment, Vulnerability Mgt.)
Source code review experience.
Experience in using HP ALM, Jira
Experience on Security Incident Event Management (ArcSight & Splunk)
Track record of developing test security scripts, detailed test planning and test delivery of complex requirements involving multiple applications and platforms
If this opportunity is of interest please send across an upto date copy of your CV and/or reach out using the details below.
To find out more about Computer Futures please visit
Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Agency in relation to this vacancy | Registered office | 1st Floor, 75 King William Street, London, EC4N 7BE, United Kingdom | Partnership Number | OC(phone number removed) England and Wales
To apply for this job please visit itjobpro.co.uk.