Senior Technical Engineer – SECURITY TESTING
Job role: Senior Technical Engineer – SECURITY TESTING
Job location: Chennai
Job location: Chennai
- as achieved trusted advisor status at a senior level with the client.
- Excellent client-facing skills, takes time to establish underlying needs of client beyond those initially expressed.
- Has an innovative approach, develops new approaches to improve or replace existing procedures or systems.
- Excellent communication skills, maintains confidentiality, shares ideas and information, facilitates discussions and transfers knowledge to diverse audiences to achieve collective objectives.
- Renowned as an effective coach and sounding board.
- Good self-management. Takes on high commitments and works to achieve results. Keeps momentum going over time despite setbacks, showing resilience in the face of challenges and looking for ways to beat previous standards.
- Ability to manage own expenses and ensure adherence of others to the expense policy.
- Owns and leads security testing projects undertaken by Expleo for customers.
- Plans, models, scripts, and executes (scanning and penetration) security testing requirements for Expleo's internal and external customers
- Leads multiple phases of technical areas within a project and/or multiple small projects of moderate scope and sometimes complex assignments. Responsible for a certain area and conditions.
- Assures the project meets quality standards by providing technical guidance in planning, designing, executing testing, and developing procedures relating to product quality.
- Applies data analysis, data modelling, and quality engineering techniques, based upon a detailed understanding of business processes, to establish and maintain data structures and associated components (entity descriptions, relationship descriptions, attribute definitions).
Leads the creation of test cases using own in-depth technical analysis of non-functional specifications.
- Writes high quality scripts in a chosen tool and builds into a scenario to test defined non-functional use cases.
- Accurately identifies project risks and reports effectively to relevant stakeholders.
- Implements robust error handling and clear/consistent reporting functionality, investigating and reporting on hazards and potential risk events within a project or business area.
- Creates traceability records, from test cases back to requirements, reports on system quality and collects metrics on test cases.
- Provides detailed advice regarding the application of technologies.
- Bachelor’s Degree in Computer Science, Information Systems, or other related field, or equivalent work experience
- LPT and / or CEH + CISA
- Must have ISTQB Advanced
- Additional course or certification in the field of security
- Certification in Security Testing tools
- Undertake and execute web, mobile, middleware, infrastructure security testing projects.
- Must have completed at least 10+ security testing projects
- Must have LPT or (CEH + CISA) certiication
- Must be aware of latest security threats, attacks, trends, standards and solutions
- Must have worked on both OWASP and SANS CWE standards
- Must have worked on all phases of security testing
- Must have experience in doing threat modelling
- Must have done penetration testing in the past - Must be able to penetrate in tough to enter networks/systems
- Must have worked on at least 4 of the following tools:
- Burpsuite Pro
- Qualis Guard
- SonarQube and Sonar Scanner
- Fortify SCA
- Kali Linux
- Must have 6+ years of experience in security testing & must have worked in at least 10+ security testing projects
- Must have an eye for detecting security loop holes in all attack surfaces
- Must have experience in doing threat modelling with abuse and misuse cases in all different channels like web, mobile, iot/device, appliance, atm, kiosk, cloud etc...