Application Security Tester for ISAA
Deadline: 18 May 2024
Employment term: Permanent
Category: Other IT
Job type: Full time
Location: Yerevan
Job description:
We are seeking a highly skilled and detail-oriented Application Security Tester to join our team. The Application Security Tester plays a crucial role in analyzing the security of both new and existing computer software, web applications, or specialized utility programs. This role involves identifying potential vulnerabilities and flaws in codes, providing actionable insights, and ensuring the implementation of robust security measures. The successful candidate will have a strong background in cybersecurity, software testing methodologies, and risk management.
/en/application-security-tester-for-isaa
Job responsibilities
- Develop secure software testing and validation procedures.
- Perform secure program testing, review, and assessment to identify potential flaws in codes and mitigate vulnerabilities.
- Address security implications in the software acceptance phase, including completion criteria, risk acceptance documentation, and methods of independent testing.
- Perform risk analysis whenever an application or system undergoes significant changes.
- Apply coding and testing standards, utilize security testing tools such as fuzzing and static-analysis code scanning tools, and conduct code reviews.
- Determine and document software patches or release extents that could leave software vulnerable.
- Identify security issues during steady-state operation and management of software, and incorporate necessary security measures for end-of-life products.
- Identify common coding flaws at a high level and consult with engineering staff to evaluate hardware-software interfaces.
- Continuously evaluate and improve security testing methodologies and procedures to adapt to evolving threats and technological advancements.
- Collaborate with cross-functional teams including software developers, system administrators, and project managers to ensure that security considerations are integrated throughout the software development lifecycle. Communicate security findings and recommendations effectively to technical and non-technical stakeholders.
- Maintain detailed documentation of security testing activities, including test plans, test cases, findings, and remediation recommendations. Prepare comprehensive reports summarizing security assessment results and present findings to relevant stakeholders.
- Ensure that security testing activities comply with relevant industry standards, regulatory requirements, and organizational policies. Stay abreast of emerging security standards and best practices, and integrate them into security testing processes as applicable.
- Conduct security assessments of third-party software components and vendor products to ensure they meet security requirements and do not introduce vulnerabilities into the organization's environment.
- Stay updated on emerging threats, vulnerabilities, and security trends by participating in industry forums, attending conferences, and engaging in independent research. Apply insights gained from research activities to enhance security testing practices and improve overall security posture.
Required qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field. Master's degree or relevant professional certifications (e.g., OSCP,CPTS,OSWA,OSWE) preferred.
- 3-5 years of experience in application security testing, software development, or related roles.
- Proven experience in performing security assessments and identifying vulnerabilities.
- Strong understanding of risk management processes and methodologies.
- Knowledge of cybersecurity and privacy principles.
- Understanding of computer networking concepts, protocols, and network security methodologies.
- Familiarity with laws, regulations, policies, and ethics related to cybersecurity and privacy.
- Experience with cybersecurity threats and vulnerabilities.
- Knowledge of operating systems and IT risk management policies.
- Proficiency in secure software deployment methodologies, tools, and practices.
- Familiarity with code analysis tools and secure configuration management techniques.
- Experience in designing and executing secure test plans.
- Ability to recognize system and application security threats and vulnerabilities.
- Strong analytical and problem-solving abilities.
- Excellent communication and interpersonal skills.
- Detail-oriented mindset with a focus on accuracy.
- Ability to work independently and collaboratively within a team environment.
- Strong commitment to continuous learning and staying updated with the latest trends in cybersecurity.
Required candidate level: Mid level
Additional information
Application:
To apply for the position the applicants must send their CV to the mail address info@818.consulting. Applicants complying with most of the requirements will have an advantage during the selection process.
About the Employer:
Open and quality data is a critical asset, translating into national wealth! Developing an advanced and secure environment, enablers, and infrastructure is a necessary precondition for transforming Armenia into an e-society and e-economy.
The Information Systems Agency of Armenia (ISAA) is responsible for ensuring the technological foundations and development of the digital state in RA.
BACKGROUND
The world is currently undergoing a fundamental digital transformation, whereby all aspects of our lives are currently data points. Therefore, the main challenge for governments globally is capitalizing on the opportunities created by this vast amount of data, for example in personalized finance or medicine, without jeopardizing personal or national security.
The Government of Armenia is firmly committed to embracing the digital agenda by creating the necessary institutional architecture to catalyze building a secure and thriving digital society and economy. Doing so requires the private, especially financial, sector to play a leading role in this process, and the current over-emphasis on e-government alone needs to change. Therefore, our mission is to build the necessary infrastructure and enablers for this digital society and economy, intended for shared use both by the private sector and the Government, with the explicit goal of improving the day-to-day life of Armenian people and businesses.
It is the Government’s perspective that taking on this digitalization endeavor is not a luxury, but a necessity. Recent diagnostics by various international institutions and independent experts have found that further ad-hoc digitalization in Armenia, if taking place without the mentioned enablers and institutional architecture (e.g. digital identity, cybersecurity, data interoperability and governing standards), represents a serious threat to national security.
VISION
Open and quality data is a critical asset, translating into national wealth! Developing an advanced and secure environment, enablers, and infrastructure is a necessary precondition for transforming Armenia into the e-Society and e-Economy. The key mission of the digital society and economy would be to empower the population to continuously improve their lives and wellbeing, provide opportunities for the private sector to enhance competitiveness, and ensure greater efficiency and good governance of public institutions through the development and widespread use of ICT solutions built around citizen experience and lifecycle. These imply Seamless, Proactive, Convenient and Personalized services.
Professional skills
Data processing
Soft skills
Time management
Flexible
Detail-oriented
Share this job via your favorite social media channel.
About Company
818 Consulting comprises a team of seasoned professionals specializing in management support, research, and expertise in business development, human resource development (including compensations, benefits, and human capital management advisory). We firmly believe that human capital is the bedrock of a successful business. Our dedicated team provides support across various HR functions, emphasizing tailored methodologies to fuel company growth. As industry influencers, we transform HR cultures, introducing innovative techniques and coaching across all collaborating teams.
Since inception, we've executed diverse assignments for a wide array of clients, from international organizations like World Bank, EBRD, GIZ, UNDP, SIEMENS, and World Vision to private firms and corporations. We operate from our office situated in Marriott Armenia employing a structured approach to hiring, managing, coordinating, and assessing performance.
Contact details
Website http://818.consulting/
Phone: +37433818818
Address: 1 Amiryan st, office 320, Yerevan, Armenia