Advanced manage a large technical infrastructure covering Public Cloud, Private Cloud, and on-premises datacentres. We are looking for security testing engineer to help us do this securely.

As a Senior Security Test Engineer, you will be helping Advanced to test multiple Web Applications and Infrastructure environments created on a wide variety of technology and coding languages.

• Perform penetration tests on computer systems, networks and applications
• Create new testing methods to identify vulnerabilities
• Perform physical security assessments of systems, servers and other network devices to identify areas that require physical protection
• Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses
• Search for weaknesses in common software, web applications and proprietary systems
• Research, evaluate, document and discuss findings with IT teams and management
• Review and provide feedback for information security fixes
• Establish improvements for existing security services, including hardware, software, policies and procedures
• Identify areas where improvement is needed in security education and awareness for users
• Be sensitive to corporate considerations when performing testing (i.e. minimize downtime and loss of employee productivity)
• Stay updated on the latest malware and security threats

Ideal candidate would have atleast 8 years of experience in Information Security. CEH Certification preferred

• Experience in application security assessments (Web/Desktop/Mobile), hands on techniques for identifying SQL injections, XSS, CSRF, authentication, OWASP top 10 issues
• Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols etc
• Experience on both commercial and open source tools like Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP, etc
• Proven experience in identifying and exploiting business logic and framework related vulnerabilities
• Vast experience in removing false positives, analyzing dynamic scan webinspect, appscan reports
• Knowledge of Secure SDLC and Security standards like OWASP, CWE, NIST, OSSTMM
• Provide expert advice and recommendation to application development team as well as vendor
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Excellent written and verbal communication skills as well as business acumen and a commercial outlook
• A thorough working knowledge of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products.

• Generous Annual Leave – 20 days, plus public holidays, with the possibility to buy additional days
• Summer Fridays! Every Friday afternoon off throughout July and August 2022 (or equivalent time in the week)
• Life Insurance – 3x times annual salary
• Top Achievers Club – Our yearly VIP trip includes flights, transfers and accommodation to recognise excellence in our employees
• 65% Internal Mobility – Committed to the development & growth of our people
• Exposure to the latest technologies

We are one the UK’s largest tech companies, and our products sit at the heart of some of the country's best-known businesses. We’ve grown phenomenally quickly with a £275m turnover and 2,800 employees supporting over 25,000 customers. We hire for potential. We want to make sure we have the best people for the job and provide genuinely equal opportunities for our people to thrive. Our recruitment process is designed with inclusion and equity at its core.

Find out more about the next steps once you’ve applied here - careers.oneadvanced.com/how-we-hire