Security Engineer

Available in:
Belfast


MAIN RESPONSIBILITIES:

  • Application and network security testing – working with development team to manually test the application for security
  • vulnerabilities including use of automation tools such as BurpSuite. Review of source code with development team including use of source code security tools.
  • Application vulnerability risk analysis - estimating vulnerability risk in context of specific application, environment and business scenarios. This will include writing and demonstrating vulnerability "proofs of concept”, explaining this to technical architects and business stakeholders.
  • Security Consulting – working with technical architects and developers on design of security-sensitive features; providing technical expertise to security related questions in design and development stage; assistance in development of automated testing suites to enforce security standards in newly written code.
  • Complies with all confidentiality and non-disclosure policies and/or agreements and ensures security of information at all times

THE IDEAL CANDIDATE HAS:

  • Demonstrated experience of testing current browser and web technologies – HTTP, HTML5, JavaScript, AJAX based web applications
  • Comprehensive knowledge of web security features (e.g. CORS) and threats (e.g. XSS, CSRF)
  • Understanding of web application architectures, such as MVC, and infrastructure such as load balancers, web proxies etc.
  • Demonstrated experience reading and analysing web application source code in languages such as Java, PHP, ASP.NET.
  • Hands on experience with application security testing tools such as BurpSuite, sqlmap and network security testing tools such as OpenVAS, mmap.
  • Demonstrated experience security testing on Unix operating systems.
  • Possess strong written and verbal communication skills as well as presentation skills.
  • Excellent interpersonal, analytical, organisational, and problem-solving skills
  • Ability to establish and maintain effective working relationships with project and respective team resources.
  • Proven ability to work independently with minimal supervision.
  • Certification is preferred in one of the following:

•CISSP

•OWASP

•CLAS


We’re an inclusive bunch at Kainos and we believe in equal opportunity. We welcome applications from all walks of life, including those with criminal records. Everyone who is offered a position here undergoes a background check, however no one is treated differently due to their background where it isn’t relevant to the role. It’s important to note – failure to reveal information which is relevant to the position sought, could result in us having to withdraw the conditional offer of employment.

In short: Having a criminal record will not exclude you from a career with Kainos. This depends entirely on the nature and requirements of the position, together with the circumstances and background of offences.