Security Testing Engineer

Today we are a global team of technologists and thinkers, who help transform the world with the power of software, enabling our customers to be competitive and disruptive in the marketplace through innovative technology solutions.

POSITION DESCRIPTION

Our client is the largest international health & beauty retail group in Asia and Europe (based in Hong Kong), with over 12,000 stores operating 13 retail brands in 24 markets worldwide serving over 27 million customers per week.

The company operates the world's largest portfolio of retail formats, retail brands and running the gamut from health & beauty, luxury perfumeries and cosmetics, food, electronics and fine wine.

The project is focus on vulnerabilities management and security maintenance of existing client European brands.

RESPONSIBILITIES

• Conduct vulnerability assessments and issue validation as part of SSDL process.
• Work with both security and developers' team in order to provide an expertise to avoid security defects and vulnerabilities on several projects and business units.
• Scoping and estimating tasks, as well as managing multiple tasks with minimal supervision.
• Demonstrate considerable knowledge of planning and team management specific to security assessment
• Conduct vulnerability assessments and penetration testing
• Collaborate with technical personnel across the full assessment life cycle
• Document all disclosed issues adopting to different reporting formats

REQUIREMENTS

• Experience in test automation 3+ years
• Good understanding of testing theory, general software quality approaches
• 1+ year of penetration testing experience of network and web applications
• Ability to perform evaluation of application requirements, processes, technologies
• Ability to select, educate and communicate the right solution based on client requirements and objectives
• Experience with different exploitation tools and frameworks
• Ability to resolve technical problems when required.
• Ability to explain assessment results to technical and non-technical personnel
• Ability to develop, implement and guide security assessments' process on the project
• Experience in security testing of Web Applications
• Experience and understanding of Agile software development and the Software Development Lifecycle in general
• Good communication skills
• Ate least Intermediate level of spoken English

BENEFITS

• Competitive compensation depending on experience and skills;
• Individual career path in engineering;
• Social package - medical insurance, sports;
• Compensation for sick lists and regular vacations;
• English classes with native speaker (certified English teachers);
• Flexible work hours.

EVEN MORE EPAM BENEFITS

• We offer the possibility to work on full product lifecycle -from concept to delivery into production;
• We offer mentorship program;
• We offer guaranteed professional growth through the technology trainings and technology communities inside EPAM;
• We are proactive Agile/Scrum/XP practitioners.