Security Test Engineer
Engineering | UK – Bristol or London
About The Client
Our client aren’t your typical high-tech company and aren’t looking for typical people. They look for real people. Whoever they are. Whatever they are.
While you might work well with others you aren’t afraid to be you and let others be themselves. Someone has called you wicked smart before, but you would never refer to yourself that way.
The company pioneered open source identity and access management, went on to invent identity relationship management for customer identities and is now busy playing with the identity of things.
Yes, they’re growing fast, but they remain true to their start up culture. They’re decidedly creative, they are always learning, no one hesitates to ask questions, and they’re on a never-ending search for new ideas. Their customers are some of the biggest companies, organisations and even countries in the world. On any given day, it’s likely that the company Identity Platform helped keep your data safe, gave you access to stuff, and supported trusted relationships between you, companies and the devices you were using.
Our client, the innovative global open source Identity vendor headquartered in San Francisco, CA, is currently hiring for a Security Test Engineer to join the team in Bristol or London. If you have a strong security testing background or an interest in the latest penetration tools and technologies and want an opportunity to be on the ground floor of a rapidly growing company, you will love working in their ultra-casual, life focused environment where they put the emphasis on providing the tools, benefits, and perks in place that allow you to focus on your work while maintaining balance to your life.
- Define and implement strategy for security testing of Identity Management products
- Perform hands-on security tests and code reviews to discover security related issues
- Reproduce exploits and confirm possible security vulnerabilities
- Act as a specialist to advise engineers about security best practices
- Communicating vulnerability findings verbally and in writing
- Liaise with internal teams to improve security and manage issues
- Perform, monitor, analyse security scans of ForgeRock products continuously
- Develop internal security and penetration tests using best industry practices
Required Skills & Qualifications
- Up to date with the latest penetration testing tools and technologies.
- Strong knowledge in Web application penetration testing.
- Experience exploiting vulnerabilities in web servers and clients.
- Hands-on experience in script development related to penetration testing activity
- Ability to demonstrate manual and automated testing of all of OWASP #10 categories.
- Solid understanding of cryptography and encryption schemes (symmetric, asymmetric, and hashing).
- Good understanding of the components of a secure DLC/SDLC.
- Expert knowledge of security risks related to web applications, web services, web browsers, databases and client/server architectures.
- B.S. or equivalent degree in an Engineering or Science Discipline.
Life at The Company
They believe in and facilitate a flexible, collaborative work environment. They’ve grown enormously, but remain true to the innovative, can-do start up values that got them here. Most important of all, they keep hiring talented, smart, fun, and genuinely nice people because that’s who they want to succeed with every day. Below is just a few of the great things they have to offer:
- A great team of smart, fun and genuinely nice individuals.
- Awesome company culture focused around providing a flexible and collaborative work environment
- Regular office bonding events, from lunches and happy hours to group offsite and hack-days
- Well-stocked fridges, whether you’re hungry or thirsty
- Competitive benefits and perks
- Generous employee referral bonus program
- Amazing offices across the globe – San Francisco HQ; Vancouver, WA; London & Bristol, UK; Grenoble, FR; Oslo, NO; Singapore, Australia & counting!