Job Description :
Role:Security engineer penetration testing

Building an annual penetration testing plan for the applications.
Scoping each penetration test with the relevant business owners - product management and engineering leaders.
Executing penetration tests on the applications developed by the company. The penetration tests must always include application-level penetration testing, but may also include operating system hardening verification (e.g. a self-checkout must be hardened as a kiosk workstation
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
Research new attack vectors in the retail, hospitality and financial industries and in the application security field in general.



Bachelor’s Degree in Computer Science or related field. Equivalent work experience will be considered.

Penetration testing hands-on experience of 3-7 years.

Software development lifecycle background of 2-3 years.

Security certifications are desirable, e.g. CISSP, CEH or OSCP.

PCI and PA DSS Certification experience is a plus.

Retail and financial payment transaction processing software vulnerabilities and authentication testing – advantage.

Experience with E-Commerce payments integration/ security issues – advantage.

Soft skills - effective communication (internal, customers), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.

Active participation in cybersecurity forums/conventions, e.g. DEFCON, Black Hat. Public speaking is a plus.

Client : Ncr