Security Testing Engineer

Security Testing Engineer

Arbetsbeskrivning

Would you be interested in working with security testing to make sure our production applications and -systems are secure?
About the team
If IT Security is an If Group organization supporting If´s insurance business by maintain and develop cybersecurity actions within the entire If. If’s IT Security team provides security capabilities associated to the total If ICT area. Our task is to review and assess the potential risk of new industry threats, as well as implement and manage technologies capable of testing detecting, investigating, and/or eliminating those threats.
Read more about our Tech Community at If and how we together create tech that matters: www.if.fi/tech.
About the role
We are searching for an experienced Security Testing Engineer focusing on supporting security functions and related processes. While various security review and testing activities are already taking place, this role would solely focus on security testing If’s production applications and -systems. You will have an important internal consultancy role to share knowledge, create instructions, train- and help the dev teams together with Site Reliability Engineers and other parts of If IT.
We offer you an inspiring and challenging position that enables you to develop your role and skills by performing offensive security testing against vast amount of business applications and systems. You will get an opportunity to operate within a very modern hybrid IT environment. You will be part of an informal and performance-oriented culture and have a flexible work-life where not one day is the same as the other.
Responsibilities:
• As a security testing expert, you’ll conduct and participate in offensive security tests against If’s applications and systems.
• Assess security maturity of networks, assets, hardware, platforms, and applications from adversary point of view.
• Plan security testing roadmap.
• Run and maintain automated security scan solutions and attack surface management tools
• Report on and prioritize findings to development teams, vendors and other stakeholders
• Support Site Reliability Engineers team and collaborate with development teams to address security defects before, after and during development.
• Develop and maintain tools and techniques for security testing and attack surface management.
• Communicate new developments, breakthroughs, challenges, and lessons learned to relevant team members and leadership.
• Participate in developing internal processes and frameworks around security testing.
• Lead and collaborate on additional projects, assignments or initiatives as required.
• Show commitment to learning and the never-ending curiosity of all things related to security.
Who are you?
In order to succeed in this role, you will need
• Suitable degree (e.g., Bachelor's degree in Computer Science or a related field)
• Related certificates (e.g., OSCP) are considered as an advantage
• Overall understanding and hands-on experience of IT services, operations, infrastructure, and application development
• At least two years performing security testing as a primary job responsibility, including the use of professional penetration testing tools (e.g., Burp Suite)
• Sound understanding of application and network security vulnerabilities (e.g., OWASP Top 10), defence techniques and security best practices
• Experience with modern application development languages and frameworks (e.g., Node.js, Java, Python, React, Angular).
• Basic scripting skills in PowerShell and Visual Basic are considered as an advantage.
• Capabilities to communicate fluently in English, both written and oral.
• Systematic problem-solving approach coupled with strong communication skills and a sense of ownership and drive.
We offer
In the same way that we place high demands on you as an employee, we also expect you to place high demands on us as an employer.
Here are some of the benefits of working at If:
• An including work environment where everyone is welcome
• Career and development opportunities in the biggest insurance company in the Nordics
• Social activities, as well as highly skilled professional environment
• Possibility of hybrid workplace
• Health promoting workplace with e.g., wellness allowance and various sports activities
• Great insurance benefits
Additional facts and recruitment process
Application deadline: Last date to apply is 22th of September. However, we will start screening and interviewing already during the application period.
Location: Turku, Espoo, Stockholm, Oslo or Copenhagen
To apply for the position: Please attach your CV and answer in the questions on the application form. Please notice that we are not able to process any applications via email.
Travelling: Some travelling will be required since the role has responsibility throughout the countries in which If operates.
Background check: Final candidates will undergo a background check before a job offer can be presented.
For more information regarding the position, please contact Head of IT Security
Mika Rintamäki, mika.rintamaki@if.fi
We are eager to hear from you!

Kontaktpersoner på detta företaget

Sophie Wilkinson
08-792 82 11
Sophie Wilkinson
08-792 82 11 070-348 78 75
Malin Magnusson
08-736 28 47

Sammanfattning

  • Arbetsplats: If Skadeförsäkring Stockholm
  • 1 plats
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 3 september 2024
  • Ansök senast: 17 september 2024

Besöksadress

Barks Väg 15
Solna

Postadress

None
Stockholm, 10680

Liknande jobb


21 november 2024

Cybersecurity Architect

Cybersecurity Architect

18 november 2024

IT-supporttekniker 2nd line

IT-supporttekniker 2nd line

18 november 2024