Senior / Lead Security Testing Engineer DescriptionJob #: 74378
Mission: To enable our customers to be competitive and disruptive in the marketplace through innovative technology solutions while helping them to navigate successfully through multiple waves of technology change with our teams of consultants, designers, architects, and engineers.
If you’re looking for dynamic career in large company that still has the start-up mindset, experience fast professional growth deeply connected to technology EPAM will be the ideal place for you to shine.
EPAM is looking for a Senior / Lead Security Testing Engineer to join the Security practice to work directly with our biggest enterprise customers.
As Senior / Lead Security Testing Engineer, you are required to have advanced technical expertise in security of Web or Mobile application or Infrastructure security.
You will work independently being fully responsible for the results of the security assessment. Scope and tasks may vary depending on the project and customer needs.
You will be engaged to perform penetration testing or vulnerability assessments of target system(s) in lawful and legitimate manner acting like an insider (internal penetration test) or external user.
You may be involved in the full project security lifecycle from definition of security requirements till final security review and project closure.
What You’ll Do
- Develop security testing trainings for the project team
- Planning and team management specific to security assessment
- Identify and implement relevant security specifications and standards
- Define security requirements and security testing strategy
- Define security tools and associated security checks
- Scoping and estimating tasks, as well as managing multiple tasks with minimal supervision
- Vulnerability assessments and penetration testing
- Collaborate with technical and management personnel across the full security assessment life cycle
- Document all disclosed issues using different reporting formats
- Provide remediation suggestions to correct disclosed issues
- Collaborate with personnel responsible for writing and presenting proposals to prospective clients
What You Have
- 3+ years of proven practical experience in application or infrastructure security testing
- Ability to perform evaluation of requirements, processes, technologies from security standpoint
- Ability to select, educate and communicate the right solution based on client requirements and objectives
- Ability to explain assessment results to technical and non-technical personnel
- Understanding and practical experience in different security testing methodologies (OSSTM, OWASP, PTES)
- Experience in development of security-related documentation
- Experience in security assessments of Web Applications and Web Services (SOAP, RESTful) or experience in security assessments of Mobile applications (iOS, Android) or Experience in assessments of network infrastructure
- Experience in security assessments of Cloud applications
- Ability to develop, implement and guide security assessments’ process on the project
Nice to have
- Certifications in security field (OSCP, OSCE, WPTX, PTX, etc.)
- Experience in Containers security assessments
- Experience in IoT security assessments
- Experience in creation of Threat Models and performing Security Risk Assessment
- Flexible working schedule and opportunity to work remotely from any place in Latvia
- Community of 52,000+ industry’s top professionals united for exchanging knowledge with experts from anywhere in the world
- Outstanding career development opportunities with a transparent career path and a roadmap to accelerate your journey
- Travel and relocation opportunities within our offices in 35+ countries and relocation support for you and your family
- Wide range of professional training, workshops, and mentoring programs
- Learning resources and financial support for completing certification programs
- Corporate health insurance and the possibility of buying private health insurance for the family at a Corporate price
- Competitive salary plus annual bonuses for showing outstanding results
- Additional vacation days as a benefit from the Company