Great that you're thinking about a career with BSI!
Job Title: Application Security Test Engineer
Location : Hemel Hempstead / Hybrid
Salary: Circa £45,000 + Bonus
BSI have a fantastic career opportunity for an individual looking to undertake a rewarding career within the cyber security regulatory industry.
Our testing teams are responsible for testing a wide range of products to ensure they meet stringent security standards and certification requirements. In this role you will have the opportunity to test a wide range of products from our global clients, including big tech.
Working within the regulatory landscape you will also have the opportunity to keep abreast of the latest regulatory requirements, develop your expertise, and research new testing techniques to further expand our testing capabilities.
As our Application Security Test Engineer, you be responsible for testing client mobile and web software applications in accordance to OWASP (ASVS/MASVS) frameworks. To be successful in this role you’ll need to hold an understanding web application vulnerabilities and black-box/white-box testing techniques.
Responsibilities:
1. Perform product testing of software applications (Web & Mobile).
2. Assist to maintain and improve testing techniques for the IoT and Digital Apps laboratory.
3. To research and identify new potential test equipment /software tools for the IoT laboratory and Digital Apps laboratory.
4. To provide technical assistance with BSI customers, during any potential testing and certification journey.
5. To manage and own all assigned test projects to ensure that agreed timelines are met for the testing of samples.
6. To Prepare Test Reports for clients and deliver on time as agreed in Operational Plan.
7. Lead project, assessment and/or evaluation teams as required.
8. Proactively identifies and represents BSI’s interests with external bodies (e.g., industry associations, standards committees and notified body working groups).
9. Proactively identifies new and/or amended product standards/directives and ensures BSI’s testing schemes are kept up to date and relevant to current market needs.
10. Work with Compliance and Risk team to ensure that the specific products offered in this area by BSI meet all regulatory requirements and that BSI is represented at necessary meetings, committees, etc.
11. Attendance at trade shows, trade and relevant technical committee meetings and there may be a requirement for occasional overseas travel.
12. Maintaining CREST OVS Level or equivalent qualification.
To be successful in the role, you will have:
13. Knowledge of web application security principles, standards, and best practices, such as the OWASP Top 10, the OWASP Mobile Application Security Verification Standard (MASVS), and the OWASP Application Security Verification Standard (ASVS).
14. Experience in performing security testing of web/mobile applications and web services, using both manual and automated tools.
15. Proficiency in one or more programming languages, such as Python, Ruby, Java, or C#,, JavaScript, PHP, or Perl.
16. Familiarity with web application development frameworks, such as Django, Rails, Spring, or ASP.NET, and web technologies, such as HTML, CSS, XML, JSON, or REST.
17. Ability to write clear and concise reports, documenting the parameters, conditions and outcomes of testing activities.
18. Understanding business requirements and applying security without adversely affecting the desired functionality.
19. Performing manual code reviews, open-source software evaluations, and tests as needed.
20. Previous experience in the Testing, Inspection and Certification (TIC) sector would be preferred.
21. Relevant degree such as bachelor’s and master’s degree in computer science, Engineering, Information Security, Technical, Information Technology, Management, Science, Architecture, Technology.
22. High level of interpersonal skills with the proven ability to communicate and influence effectively at all levels.
23. Organised, efficient and methodical in approach, with high attention to detail.
24. Proven experience of managing projects and its resources.
25. Ability to solve problems proactively.
26. Candidates must hold full rights to work & remain in the UK as sponsorship is not available for this position.
BSI offers a competitive total reward package, an independent and varied job in an international environment, flexible working hours, ongoing training and development with the inclusion of Annual Bonus, Contribution Based Pension, Private Healthcare, 27 Days Annual Leave + Bank Holidays, Life Assurance.
Do you believe the world deserves excellence?
We are proud to be the business improvement company for other organisations to become more sustainable and resilient and finally to inspire trust in their products, systems, services, and the world we live in.
Headquartered in London, BSI is the world's first national standards organization with more than 100 years of experience. We are a global partner for 86,000 companies and organizations in over 193 countries, offering development, auditing, certification, and training services, including innovative software solutions and cyber security expertise for all industries: from aerospace and automotive to food, construction, energy, healthcare, IT and trade sectors. Incorporated by Royal Charter, we’re truly impartial, and home to the ultimate mark of trust, the Kitemark.
Through our unique combination of consulting, training, assurance and regulatory services we bring solid and broad knowledge to every company.
If you want to contribute to this inspiring challenge, bring your open and enthusiastic mindset to our dynamic team, apply now and become part of the BSI family!
D&I Policy
BSI is committed to ensuring the diversity of our workforce reflects that of our clients and the communities in which we operate. Our goal is to create a sense of belonging for all employees by providing opportunities to develop, grow, and engage with our global organization all while having fun doing great work. BSI is a community where everyone can thrive.
If you require any reasonable accommodations to be made on account of a disability or impairment throughout out our recruiting process, please inform your Talent Acquisition Partner.
#LI-GC1
#LI-Hybrid
Our Excellence Behaviours: Client-centric, Agile, Collaborative. These three behaviours represent how we do things at BSI. They help us ensure that BSI is a great place to work and a highly successful business.
BSI is conducting face-to-face interviews where appropriate and possible. If you are invited to a face-to-face interview but feel more comfortable with conducting the interview virtually, please speak to a member of our recruitment team.