APPLICATION SECURITY TRAINEEGeri JOB DESCRIPTION
The Sony spirit is about freedom, no limits, empowerment, innovation, imagination, autonomy, creativity and choice. With business operations all over the globe, we provide high quality lifestyle products offering entertainment through technology.
We are looking for trainees for Application Security Testing team reporting to Sony Electronics, Global Information Security. The candidates will be evaluated for two main areas: coordination and security testing.
The trainee role for coordination will be supporting coordination of internal and external projects for IT related processes. S/he will be assisting with service and performance measurements of internal/external teams and provide regular status reports, ensuring that all the tasks related with the projects are running as planned.
The trainee role for security testing will be supporting hands-on security tests and preparing reports and help customers with remediation of found vulnerabilities. S/he will be helping internal development teams with security related questions and will be preparing security related reports.
As Security Coordinator Trainee, you will contribute essential support to our technical teams and customers, monitor the progress of the work being performed and making sure that tasks which you have been assigned are moving forward smoothly.
• Coordinate different steps for embedding security in application development process; both for internal & external development teams and 3rd party agencies.
• Application Coordinator Trainee will be helping the line manager with the coordination of the following major topics:
o Penetration testing
o Internal security testing
o Secure coding know-how & tools
o Architectural Risk Analysis
• Establish a bridge of communication between Security Engineers and Internal/External Customers during preparation, execution, conclusion and continuous processes of the security tests.
• Work with different teams and 3rd parties to ensure the implementation of security best practices for applications.
• Using internal system software to track actions, identify risks and raise issues through to resolution.
• Ensuring all tasks related to the projects are completed in a timely and efficient manner
• Assist internal/external customers in resolution of work problems related to project specifications.
• Collecting and collating information for preparing documentation purposes to help provide efficient and effective support for the security testing process.
• Coordinating multiple projects/tasks which will move forward at the same time.
• Prepare team activity and project status reports on system software.
Security Testing Role
As Security Engineer Trainee, you will contribute essential support to our test teams and customer.
• Help team conduct new application security tests and help senior testers with big projects in the process, analyze test results, document risks, and recommend countermeasures.
• Elaborate security tests and deliver written reports suitable for viewing by clients.
• Develop understanding of subject systems and applications into security test plans.
• Actively participate in technical exchange meetings.
• Assist in researching, evaluating, and developing relevant Security Testing tools and methods.
• Assist internal Pentest related research topics.
The ideal candidates should be able to demonstrate:
• Bachelor's Degree in Computer Science, Computer Engineering, MIS or a related technical discipline, or the equivalent combination of education.
• Ability to track parallel activities in challenging conditions.
• Good organizational skills with attention to details and time management skills.
• UML knowledge.
• Ability to adapt different conditions, working well with internal teams as well as outside vendors/teams.
• Strong documentation skills.
• Strong analytical problem solving skills.
• An ability to work to deadlines.
• A commitment to ongoing training.
• Good writing and presentation skills.
• Excellent English skills both written and verbal including call-conversation skills.(We always hold meetings with global teams/vendors in order to improve speed and functionality of projects.)
• Excellent interpersonal skills, team-focused with a can-do attitude is desirable.
• Additional Requirements for Security Testing Role
• core experience and profound knowledge in application and infrastructure security testing.
• Knowledge about OWASP, WASC 2.0 Threats classification.
• Experience with standard security tools such as MetaSploit, SQLMap, Acunetix, AppScan, Skipfish, etc.
• Understanding of TCP/IP networking, HTTP protocols and their uses.
• Experience with network penetration test tools such as Nessus, Qualys, nmap, etc.
All applications will be acknowledged and treated confidentially.