@Marc Ellis is #HIRING
Role: Security Testing Lead
Location: Offshore
Duration: 6 months
KEY RESPONSIBILITIES:
Own, lead, and manage the IT Security testing process, including vulnerability assessments, penetration testing, code reviews, and security audits.
Develop comprehensive test plans and test cases based on security requirements and industry best practices.
Coordinate with cross-functional teams, including developers, system administrators, and network engineers, to ensure the timely execution of security tests.
Conduct security testing activities, such as vulnerability scanning, penetration testing, and social engineering, to identify potential weaknesses in the organization's information systems.
Analyze test results, identify vulnerabilities and risks, and provide actionable recommendations to enhance the security posture of the organization.
Collaborate with stakeholders to prioritize and remediate security vulnerabilities based on risk levels.
Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to ensure the effectiveness of security testing methodologies.
Provide leadership, guidance, and mentorship to peers and members of the IT security testing team.
Act as a subject matter expert on IT security testing and contribute to the development and implementation of security policies, standards, and procedures.
Foster a culture of security awareness and best practices within the organization.
REQUIREMENTS:
Bachelor's degree in a Technology/Engineering field; a master's degree is preferred.
Minimum of 6 years' experience in Security Testing, with a focus on vulnerability assessment, penetration testing, and security auditing.
Strong understanding of security principles, protocols, and technologies, including but not limited to Web AppSec, Mobile AppSec, API Sec, firewalls, IDS/IPS, encryption, authentication, and access control.
In-depth knowledge of industry-standard security frameworks, such as NIST, ISO 27001, and OWASP.
Hands-on experience with security testing tools, such as Nessus, Burp Suite, Wireshark, and Metasploit.
Professional certifications such as CEH, CISSP, CISM, or OSCP are highly desirable.
Proven experience in managing and leading security testing projects from initiation to completion.
Excellent analytical and problem-solving skills, with the ability to think critically and make sound judgments.
Strong communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
Demonstrated ability to work effectively in a team-oriented collaborative environment.
Ability to adapt to changing priorities and handle multiple tasks simultaneously.
Strong leadership skills with the ability to motivate and inspire team members.
Experience in coordination between offshore and onshore teams and multiple vendors in larger projects.
Manage resource engagements, set project milestones, and collaborate with development teams to plan project sprints.
Coordinating with the Change Management team to schedule and implement changes. Planning and executing the implementations as per the schedule and keeping all the stakeholders informed and engaged.
Scope Management - for change in Scope during any stage of the project life cycle, creating the project change requests (PCRs), getting those approved from PgM, PMO team, Customer, and creating documents for additional scope or de-scope.
Highly adept at multi-tasking on several projects and mentoring team members, with excellent decision-making ability. Proactively evaluates risks and provides impact analysis along with alternate solutions to mitigate risks.
Ensures data usage is always compliant with PCI DSS regulations.