This job is no longer active. It was disabled the April 24, 2021 by Nordea
Security testing specialist, Helsinki, Tricity, Warsaw
more than one year ago
Posted:
more than one year ago
Nordea
Company:
Nordea
April 30, 2021
Due date:
April 30, 2021
Helsinki
Location:
Helsinki
About this opportunity
- Enable the NFT CoE to grow in the area of security testing.
- Proactively drive improvements Nordea wide in the security testing area.
- Drive and solve security testing related challenges across global teams.
- Drive and define activities for security testing in the CI/CD pipeline.
- Drive and establish automation of security testing.
- Plan, execute, report and document security testing, employing the test methods static application testing (SAST) and dynamic application testing (DAST).
- Be SME in dialog with Vendor and secure the deliveries from a security testing perspective.
Who you are
- Have several years of experience in security testing and analysis.
- Has strategic overview of testing processes and how security fits into the greater picture of the technology landscape.
- Have the ability to lead people towards common goals and objectives.
- Have a proactive, innovative and solution driven mindset. Are eager to learn and comfortable with delivering a variety of tasks in an evolving and changing environment.
- Demonstrates a high degree of structure, flexibility, planning and prioritization skills, and delivers in a timely manner, with focus on quality.
- Are hands-on with the technical aspects, as well as interested in the bigger architecture aspects of cyber security.
- Bachelor in Computer Science, Information Systems or related discipline, or equivalent work experience.
- Several years of experience in the security testing discipline, both static application security testing (SAST) and dynamic application testing (DAST).
- Experienced test manager, with hands-on experience in security test planning and execution, reporting and documentation.
- Adequate experience using Burp Suite, Wireshark, Kali Linux, nmap, security monitoring tools, etc.
- Good knowledge of at least one programming language (Java, C#, Python, JavaScript or similar).
- Well versed in network and web application security, as well as in secure coding and hardening.
- System Admin Level knowledge of Linux OS-s, especially security settings.
- Up-to-date knowledge of security architecture, security technologies and audits.
- Good knowledge of OWASP testing framework, threat modelling and security trends.
- Knowledgeable in SDLC and CI/CD / DevOps toolchains.
- Fluent in English, spoken and written.
- ISTQB CTFL.
- Preferred:
- To have a relevant security certification (e.g. CEH, CISSP, GCIA, GCIH and GCAC),
- ISTQB CATE or CATM.