Application Security Tester (Information Security Analyst)

Remote work, England

Posted:64 days ago
Location:Remote work, England
Job Ref:BH-33763
Job Type:Contract
Salary:Competitive
Expiry date:2/2/2023
Contact:Alex Englander
Contact Email:alex.englander@source-technology.com
Job Description
Position: Information Security Analyst (Application Security Tester)
Functional Reporting: Global Head of IT Security
 
Principle Responsibilities:
  • The analyst will perform manual application security testing on web applications on premises and AWS cloud reporting issues through the internal platforms.
  • Integrate and manage DAST and SAST scanning tools on CI/CD pipelines during the SDLC.
  • Automate repetitive tests such as regression of previous vulnerabilities on reach release.
  • Consume third party libraries vulnerability reports and perform proof of concepts.
  • Develop proof of concepts exploits when required.
  • Validate report results from various scanning tools.
  • Recommend security controls for application teams.
Qualifications
  • 3+ years working in the information security field.
  • 2+ years working in the application security testing field.
  • 2+ years working in finance area is an advantage.
  • Programming knowledge capable of writing exploits and automation scripts. (Java or Python are preferred)
  • Excellent knowledge of network and TCP/IPV4
  • Practical knowledge testing and working with Websockets using programming.
  • Practical and theoretical knoledge working with HTTP protocol, web servers and load balancers.
  • Ability to test, explain and recommend solutions for all OWASP top 10 vulnerabilities.
  • Practical knowledge on Cryptography.
  • Web Application Firewalls from a security testing standpoint.
  • Knowledge of AWS services including API consumption using programing is an advantage.
  • GWAPT and GCPN Security Certifications an advantage.

Apply now