Security Engineer

Location UK / Belfast

Job Type Permanent full-time, Temporary Contract

Salary Not disclosed

Updated 3 days ago

Reference 1386101

 Job Description

Our vision is to enable outstanding people to create digital solutions that have a positive impact on people’s lives

Security Engineer

Level: Senior Associate

Reports to: Senior Security Architect, Delivery Manager

MAIN RESPONSIBILITIES:

  • Application and network security testing – working with development team to manually test the application for security vulnerabilities including use of automation tools such as BurpSuite. Review of source code with development team including use of source code security tools.
  • Application vulnerability risk analysis – estimating vulnerability risk in context of specific application, environment and business scenarios. This will include writing and demonstrating vulnerability “proofs of concept”, explaining this to technical architects and business stakeholders.
  • Security Consulting – working with technical architects and developers on design of security-sensitive features; providing technical expertise to security related questions in design and development stage; assistance in development of automated testing suites to enforce security standards in newly written code.
  • Complies with all confidentiality and non-disclosure policies and/or agreements and ensures security of information at all times

THE IDEAL CANDIDATE HAS:

  • Demonstrated experience of testing current browser and web technologies – HTTP, HTML5, JavaScript, AJAX based web applications
  • Comprehensive knowledge of web security features (e.g. CORS) and threats (e.g. XSS, CSRF)
  • Understanding of web application architectures, such as MVC, and infrastructure such as load balancers, web proxies etc.
  • Demonstrated experience reading and analysing web application source code in languages such as Java, PHP, ASP.NET.
  • Hands-on experience with application security testing tools such as BurpSuite and sqlmap, and network security testing tools such as OpenVAS and Nmap.
  • Demonstrated experience security testing on Unix operating systems.
  • Possess strong written and verbal communication skills as well as presentation skills.
  • Excellent interpersonal, analytical, organisational, and problem-solving skills
  • Ability to establish and maintain effective working relationships with project and respective team resources.
  • Proven ability to work independently with minimal supervision.
  • Certification is preferred in one of the following:
      • CISSP
      • OWASP
      • CLAS

Who you are: 

Our vision is to enable outstanding people to create digital solutions that have a positive impact on people’s lives. Our values aren’t abstract; they are the behaviours we expect from each other every day, and underpin everything that we do. We expect everyone to display our values by being determined in how obstacles are overcome; honest when dealing with others; respectful of how you treat others; creative to find solutions to complex problems and cooperative by sharing information, knowledge and experience.  

These values, applied collectively, help to produce an outstanding Kainos person, team and culture.  

About us  

Kainos is a high-growth IT services company providing digital technology solutions and agile software development to enterprise customers. Across our 30-year history, we have worked on transformational projects across government, NHS and a myriad of private sector clients.