|Job Ref:||204753324||Employer:||cv-library.co.uk||Job Type:||Contract||Country:||United Kingdom||County/State:||Monmouthshire||City:||Newport||Address:||Salary:||£500/day||Post Date:||07/10/2016 03:53|
Cyber Security Consultant/Engineer | Newport | 6 month contract | £500 a day|
Our client is seeking an experienced Security Engineer and ethical hacker to undertake vulnerability and penetration-testing (ideally integrated into a continuous delivery environment). This work will be carried out across a number of digital products that make up their key Survey Data Collection platform.
The successful candidate will work closely with several multi-disciplinary product development teams to provide guidance and consultation on the outcomes from testing, and share processes, solutions and practices that support secure coding and architecture. A strong technical background is therefore essential, with practical experience of working on solutions (e.g. in software development or system/network/infrastructure architecture and administration). Teams generally consist of a Delivery Manager, Technical Lead, Product Owner and Software Engineers and User Research/Designers. Along with this role's "home" team they will work closely with Information Assurance, evidencing and reassuring that the security patterns of products are to standard.
What will you be working on?
* Applying security vulnerability and penetration testing on digital products, using manual/automated tools and processes, including static analysis.
* Integrating security testing into continuous integration/deployment pipelines.
* Promoting secure coding/architecture practices (such as OWASP) & best practice around monitoring and alerting across teams - collaborate to ensure security is built in at all stages
* Advising teams on appropriate cryptographic algorithms and formats for data exchange, storage
* Communicating new and emerging threats to teams.
* Articulating risks/associated threats and how best to mitigate them.
* Work with Information Assurance teams providing evidence to aid their assurance of products
What experience do you need?
* Direct experience executing vulnerability and penetration testing, (manual processes automated tools), ideally into a continuous integration/delivery pipeline. Detailed technical knowledge of vulnerabilities, threats, attack methods, and infection vectors.
* Experience working with highly scalable, secure and available systems handling sensitive data, preferably in the Cloud.
* Experience working closely with development teams to ensure secure coding and architecture is a fundamental part of product development. With detailed knowledge of OWASP and other best practices.
* Knowledge of cryptographic algorithms, including encryption, authentication and hashing and experience of applying them in different situations.
Be proficient at holding effective,ongoing technical discussion and input with development teams.
Nice-to-have skills and experience:
* Experience investigating suspected attacks and managing security incidents.
* Understanding of Government security standards and Information Assurance processes.
* Crest or CHECK certifications (team leader or team member)
* Certified Ethical Hacker (CEH)
* CISSP or similar familiarity with security architecture
Experience in Physical Security
Static program analysis
Linux, Python, Java
Amazon AWS / Cloud environments
If this contract is of interest to you and you are available from 01/11/2016 please apply with latest updated CV. If you would like further information please call (Apply online only).
People Source Consulting Ltd is acting as an Employment Business in relation to this vacancy.
People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas