Our vision is to enable outstanding people to create digital solutions that have a positive impact on people’s lives
Level: Senior Associate
Reports to: Senior Security Architect, Delivery Manager
- Application and network security testing – working with development team to manually test the application for security vulnerabilities including use of automation tools such as BurpSuite. Review of source code with development team including use of source code security tools.
- Application vulnerability risk analysis – estimating vulnerability risk in context of specific application, environment and business scenarios. This will include writing and demonstrating vulnerability “proofs of concept”, explaining this to technical architects and business stakeholders.
- Security Consulting – working with technical architects and developers on design of security-sensitive features; providing technical expertise to security related questions in design and development stage; assistance in development of automated testing suites to enforce security standards in newly written code.
- Complies with all confidentiality and non-disclosure policies and/or agreements and ensures security of information at all times
THE IDEAL CANDIDATE HAS:
- Comprehensive knowledge of web security features (e.g. CORS) and threats (e.g. XSS, CSRF)
- Understanding of web application architectures, such as MVC, and infrastructure such as load balancers, web proxies etc.
- Demonstrated experience reading and analysing web application source code in languages such as Java, PHP, ASP.NET.
- Hands-on experience with application security testing tools such as BurpSuite and sqlmap, and network security testing tools such as OpenVAS and nmap.
- Demonstrated experience security testing on Unix operating systems.
- Strong written and verbal communication skills as well as presentation skills.
- Excellent interpersonal, analytical, organisational, and problem-solving skills
- Ability to establish and maintain effective working relationships with project and respective team resources.
- Proven ability to work independently with minimal supervision.
- Certification is preferred in one of the following:
Who you are:
Our vision is to enable outstanding people to create digital solutions that have a positive impact on people’s lives. Our values aren’t abstract; they are the behaviours we expect from each other every day, and underpin everything that we do. We expect everyone to display our values by being determined in how obstacles are overcome; honest when dealing with others; respectful of how you treat others; creative to find solutions to complex problems and cooperative by sharing information, knowledge and experience.
These values, applied collectively, help to produce an outstanding Kainos person, team and culture.
Kainos is a high-growth IT services company providing digital technology solutions and agile software development to enterprise customers. Across our 30-year history, we have worked on transformational projects across government, NHS and a myriad of private sector clients.