Sainsbury Careers – Senior Information Security Tester

Website Sainsbury's

Job Description:

There are thousands of experts to talk to and learn from. We’ve got data from billions of transactions for our teams to play with. Things get built here. They get made here. They hit customers and colleagues quickly. Welcome to the home of Sainsbury’s Tech.

Job Responsibilities:

  • Manage the internal vulnerability scanning programme to ensure that scans are planned and carried out in a timely manner
  • Manage internal security assurance for internally developed applications within a DevOps environment
  • Responsible for performing internal security testing, including detailed and actionable reporting
  • Ensures the benefits of information security and the concept of risk are understood by all colleagues
  • Responsible for ensuring that vulnerabilities identified via the internal scanning programme, or internal or external penetration testing, are suitably mitigated and that any residual risks are documented and formally accepted
  • Conduct Information Security Risk Assessments using the Information Security Risk Management Process
  • Provides advice and guidance associated with the planning, design, implementation and improvement of system security taking account of current best practice, legislation and regulation
  • Pro-actively manages security risk assessments and mitigation plans to address risks within agreed timescales, evaluating business impact
  • Scope penetration testing for both internal and external facing applications
  • Manage external resources to ensure that penetration testing is carried out to a suitable standard on time and within budget

Job Requirements:

  • Strong current knowledge of PCI, DPA and ISO27001
  • Expert in tools or systems which provide access security control (i.e. prevent unauthorised system access)
  • At least one of the following information security testing certifications: OSCP, GIAC or CREST (CRT or CCT)
  • Demonstrates extensive knowledge of good security practice covering the physical and logical aspects of information products, systems integrity and confidentiality
  • Expert in methods and techniques for risk management, business impact analysis, countermeasures and contingency arrangements relating to the serious disruption of IT services
  • Extensive knowledge of HTTP, PCI ASV and SSDLC
  • Extensive knowledge of OWASP vulnerabilities, tools and methodologies

Qualification & Experience:

  • Experience of performing Red Team activities and knowledge of relevant frameworks
  • Experience of performing Infrastructure Assessments and Security Reviews on Windows/Linux environments and Databases
  • Experience of performing mobile security assessments (Android – iOS)

Job Details:

Company: Sainsbury’s

Vacancy Type: Full Time

Job Functions: Quality Assurance

Job Location: Walsgrave on Sowe, GB, UK

Application Deadline: N/A
