Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

Security Testing Analyst

All the collected blog posts from the members of our community, and some others
(i.e. both from <a href="http://www.woodmann.com/forum/blog.php">local</a> and external blogs, please let us know about any good external ones to import!). Feel free to discuss/comment any blog post in here.
Locked
CompuSecJobs
Posts: 3
Joined: Mon Dec 10, 2012 9:10 pm

Security Testing Analyst

Post by CompuSecJobs »

Company introduction
Scytl is the global leader in secure election management and electronic voting solutions. Specializing in election modernization technologies, Scytl offers the first end-to-end election management and voting platform, providing the highest security and transparency standards currently available.
Scytl has capitalized on its more than 18 years of research to develop election-specific cryptographic security technology protected by more than 40 international patents and patent applications, positioning Scytl as the company with the largest patent portfolio of the industry.
Scytl’s solutions have been successfully used in more than 20 countries throughout the world over the last 10 years, including Canada, the United States, Mexico, Ecuador, France, Norway, Switzerland, Bosnia-Herzegovina, the UAE, India and Australia. Scytl is headquartered in Barcelona, Spain with strategic offices in Canada, the United States, Peru and Greece as well as field offices in the UK, Ukraine, Malaysia, India and Brazil.

Candidate Profile
Reporting to the Director of Security, the Security Testing Analyst role will suit someone with experience in auditing web applications and ethical hacking projects, willing to develop his/her career in computer security.
*
Responsibilities
This will include, but not be limited to:
  • Security assessment of our own software solutions, mainly web applications.
  • Security assessment of our own SaaS platforms, and third-parties platforms.
  • Integration with the Software Development Team and Quality Assurance Team for in the definition and control of the company “Secure Software Development Life Cycle” (S-SDLC) strategy.
  • Intensive web application testing, automated vulnerability assessments, source code analysis for security testing purposes, and penetration testing in general.
  • Automate the security tests and integrate the automated testing environments within the S-SDLC process.
  • Security assessment of electronic voting platforms.
  • Research for security vulnerabilities in open source applications.
  • Research for new defensive security mechanisms related to software.
  • Participation in the research, analysis and design of new advanced security mechanisms for the company developed solutions.
  • Participation in the publication and diffusion (e.g., conference presentations) of the research effort results and contribution of the company in security matters.
  • Requirements
  • Security assessment of our own software solutions, mainly web applications.
  • Security assessment of our own SaaS platforms, and third-parties platforms.
  • Integration with the Software Development Team and Quality Assurance Team for in the definition and control of the company “Secure Software Development Life Cycle” (S-SDLC) strategy.
  • Intensive web application testing, automated vulnerability assessments, source code analysis for security testing purposes, and penetration testing in general.
  • Automate the security tests and integrate the automated testing environments within the S-SDLC process.
  • Security assessment of electronic voting platforms.
  • Research for security vulnerabilities in opensource applications.
  • Research for new defensive security mechanisms related to software.
  • Participation in the research, analysis and design of new advanced security mechanisms for the company developed solutions.
  • Participation in the publication and diffusion (e.g., conference presentations) of the research effort results and contribution of the company in security matters.

Requirements
  • Computing or Telecommunications Engineer / BSc are preferred; other university studies*such as Physics or Mathematics are also accepted.
  • Security assessment of our own software solutions, mainly web applications.
  • Security assessment of our own SaaS platforms, and third-parties platforms.
  • Integration with the Software Development Team and Quality Assurance Team for in the definition and control of the company “Secure Software Development Life Cycle” (S-SDLC) strategy.
  • Intensive web application testing, automated vulnerability assessments, source code analysis for security testing purposes, and penetration testing in general.
  • Automate the security tests and integrate the automated testing environments within the S-SDLC process.
  • Security assessment of electronic voting platforms.
  • Research for security vulnerabilities in opensource applications.
  • Research for new defensive security mechanisms related to software.
  • Participation in the research, analysis and design of new advanced security mechanisms for the company developed solutions.
  • Participation in the publication and diffusion (e.g., conference presentations) of the research effort results and contribution of the company in security matters.
Desired*Requirements*
  • Previous experience in Security Services firms (advisory or audit).
  • Security certifications such as CEH, CISSP, or OCSP.
  • Knowledge of Software Engineering or experience working in software development companies.
  • Knowledge of basic cryptography: symmetric and asymmetric cryptography, and communications protocols.
  • Experience in System Administration and Web Application Firewalls.
  • Other languages will be advantageous.

http://www.compusecjobs.com/jobs/securi ... g-analyst/
Locked