Make an impact by working for sectors where technology is the enabler, where everything is ground-breaking and there’s a constant need to be innovative. Be part of the team that combines business knowledge, technological edge and a design experience - who complement and help each other in developing solutions and experiences for digital clients. Face challenges and learn other ways of thinking and seeing the world. There’s always room for your energy and creativity.
About the role
Are you passionate about security testing? Are you up for a new challenge?
We are looking for a Junior Security Test Engineer. You will be part of a growing team responsible for assuring that software produced at Celfocus is delivered with high quality. You will work closely with our project teams in a DevOps environment.
The role entails applying expertise in the field of Software Security Testing to create a testing team dedicated to this area, ensuring processes are aligned with the internal definition of the company and in close collaboration with the efforts of our development teams.
- Contribute to the team that defines, creates and implements frameworks, tooling and processes for software security testing delivery.
- Participate in the definition of the testing and development practices that need to be followed in this area by following the latest recommendations from standard bodies and industry references (e.g. OWASP, ISO/IEC 27000 series).
- Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications.
- Work collaboratively with both DevOps engineers to successfully integrate software security testing assets in the continuous integration and continuous deployment solutions being defined and delivered in Celfocus projects.
What are we looking for?
- A lively and flexible mind, clear logic, a detail-oriented approach;
- Passion for breaking security of things;
- Previous Experience in SW Solutions Engineering & Development;
- Interested in DevOps, distributed systems and continuous delivery;
- Interested in Agile software development process;
- Ability to influence new visions and challenge existing methodologies;
- Ability to work collaboratively in a team environment;
- Excellent social skills and ability to get on with a wide variety of people;
- Curiosity, determination and self-reliance - an ability to continuously identify and fix areas of improvement, and identify and fill gaps in your expertise;
- Skills to communicate complex ideas effectively;
- The desire to develop yourself in the field of security testing.
Nice to have:
Previous Experience with:
- Good knowledge of Linux or Windows operating systems
- Skills in scripting and automating your work using Powershell, Python, Bash,
- Security Testing Domain, its tools and techniques
- Static Application Security Testing Tools (Fortify, SonarQube, etc…)
- Dynamic Application Security Testing Tools (Burp, ZAP, etc…)
- TDD – Test Driven Development
- BDD - Behaviour Driven Development
- Continuous Deployments
- An understanding of browser security mechanisms (SOP, cookies, CSP, HSTS, etc.)
- Familiarity with various protocols and attacks against them (OAuth, JWT, websockets, etc.)
- Experience with public clouds (Azure, AWS, GCP)
- Experience with pipeline Orchestrators (Jenkins, Azure DevOps, GitLab CI/CD)
Ability to adapt to different contexts, teams and Clients
Teamwork skills but also sense of autonomy
Motivation for international projects and ok if travel is included
Willingness to collaborate with other players
Strong communication skills
We want people who like to roll up their sleeves and open their minds. Believe this is you? Come join the Team!