Job Description

Description

---------------


o Create, maintain, and execute appropriate security testing processes to enable timely detection, risk-based prioritization, and co-ordinate the remediation of security testing findings o Manage planning & execution of corporate penetration testing, DAST and SAST onboarding. o Collaborate with development and QA teams to integrate security tools into CI/CD pipelines. o Develop and maintain security testing documentation, including test plans and reports. o Provide clear, concise and easily consumable communication with key technical and non-technical stakeholders so that findings are understood and appropriately addressed. o Measure and report the maturity, effectiveness and efficiency of Security Testing services o Understand the elements involved within the exception requests and their importance - data sensitivity assessment, control implementation and maintenance plan, assessing the legal, compliance, reputation, and operational risks associated with the exception. o Ensure accurate and clear communication with all stakeholders. o Provide appropriate MI to key stakeholders. Direct Span Indirect Span NA NA Qualified to degree level, preferably in a business, IT or security related subject 3-5 yrs. Skill Proficiency Scoping and managing penetration testing activities Advance Building and leading effective security teams Advance Knowledge of Sox, SOC & other IT and Privacy related standards Intermediate Basics of IT Auditing and IT Risk concepts Intermediate Frameworks & methodologies such as CVSS, CIS Benchmarking, OWASP Advance Knowledge of Risk management tools, methodologies and practices Advance Application and infrastructure security principles Advance Knowledge of SIEM, PAM & Discovery Tools. Basic

Qualifications

------------------


*