Security Tester

Job ID
GROP268
Job Type
Permanent Full-Time
Location : Name (EN)
London, UK
Additional Job Category
Operations

Your Role:

The Security Tester is responsible for leading security testing activities for the software that Global Relay deploys. You will serve as the senior point of contact between Information Security, Development and Quality Assurance teams with regard to identifying, assessing and remediating application vulnerabilities.

 

Your Job:

 

  • Act as the senior subject matter expert for Global Relay software security testing
  • Lead the software security test planning and execution activities for all releases
  • Lead the selection, deployment, and management of appropriate scanning tools for security testing
  • Ensure that the selection and execution of security tools and testing methodologies are augmented and continually improved based on emerging requirements and the evolution of threats and vulnerabilities
  • Ensure each component team adequately tests for, acknowledges, responds to, and mitigates security vulnerabilities
  • Teach development teams about security testing methodologies that can be used to improve security testing and reduce the risk of vulnerabilities in the production environment
  • Ensure InfoSec wiki pages are updated based on the content in each component and service level release
  • Coach and mentor other members of the Information Security team
  • Identify and document security vulnerabilities
  • Investigate security issues in order to determine specific steps for reproduction and scope
  • Create, maintain, and execute manual security test cases
  • Execute and analyze security scans using appropriate scanning tools (e.g. HP WebInspect)
  • Provide reporting on the outcome of security testing
  • Document verification of security fixes
  • Develop competency in the OWASP Top 10 and derive new test methodologies based on Global Relay applications
  • Learn appropriate security tools (e.g. ZAP) that allow for manual and automated testing
  • Work with software security team members to identify areas where security test coverage is lacking, and work to improve the security test coverage
  • Assist the software security team members with assessment and test planning for upcoming releases
  • Assist security team members with communication of new security testing initiatives to the development teams and work with the teams to finish them (e.g. test case reviews, presentations of new content)
  • Improve test case documentation and grouping
  • Provide suggestions on improvements and see these through to completion

 

About You:

 

  • 5+ years hands-on experience in a software quality assurance environment
  • 2-5 years hands-on experience working as a developer
  • Expert knowledge and experience using software testing tools, such as HP WebInspect, ZAP, and Wireshark in the analysis of software vulnerabilities
  • In-depth understanding of web-based protocols, including cookie management, encrypted traffic, TLS, HTTPS, and HSTS
  • Knowledge of internet and network technologies; specifically TCP/IP, UDP, SMTP, HTTP, HTTPS, FTP, SFTP and FTPS; any other Internet and network technologies would be an asset
  • Expert understanding of and exposure to security tools such as firewalls, IDS/IPS, anti-virus, anti-spam, and server and network device hardening
  • Demonstrated understanding of advanced persistent threats (APTs) and emerging and novel vulnerabilities
  • Knowledge of threat remediation techniques specific to the programming languages in use at Global Relay
  • Expert knowledge of software security in general and of OWASP Top 10
  • Ability to write and modify scripts and/or program in various languages, such as Python and PowerShell
  • Strong knowledge of encryption protocols and methodologies
  • Ability to research and maintain proficiency in software, tools, techniques, countermeasures, and trends in information security, network vulnerabilities and encryption
  • Recognized security industry certifications, such as CompTIA Security+
  • Ability to communicate diplomatically and effectively at all levels of the organization with all classifications, including the very technical
  • Proven competence using MS Office and other desktop applications
  • Methodical and creative approach to problem-solving
  • Excellent verbal and written communication skills
  • Strong attention to detail and follow-up
  • Ability to multitask
  • Availability after hours for escalations

 

About Us:

Global Relay is the leading provider of cloud-based archiving, information governance, surveillance, and eDiscovery solutions to the global finance sector. We help financial services firms preserve and supervise their communications data for regulatory compliance, risk mitigation, and litigation readiness. We deliver our services to over 20,000 customers in 90 countries, including 22 of the top 25 global banks. Our market-leading archiving service supports email, instant messaging, text, market data chat, social media, enterprise social networking, voice, trade data, websites, and more. Recently, we also launched a compliant messaging platform specifically for the finance industry.

 

We’ve won major awards for our growth, management, and culture – including the Deloitte Fast 50 Leadership Award, Canada’s 10 Most Admired Corporate Cultures, and the Deloitte-sponsored Canada’s Best Managed Companies awards. Our Global Operations & Development Center is located in Vancouver, BC, Canada. In addition, we have offices in six other cities across the world, including major financial centers like New York, Chicago, and London.

 

Having established our dominance in the North American finance industry, we have been expanding our London operations to better serve our UK and EU customers. Our four-story EMEA headquarters on Cannon Street (near St. Paul’s Cathedral) features state-of-the-art amenities, a spectacular view of the city, and an Executive Briefing Center for customer forums and other events.

 

We provide fantastic opportunities to individuals passionate about business and technology. These opportunities include working alongside members of our leadership team. Receiving mentorship from seasoned technology and business professionals. And doing business with the world’s largest, most influential banks and enterprise organizations.

  

To learn more about our business, culture, and community involvement, visit www.globalrelay.com.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed