• Notera att ansökningsdagen för den här annonsen kan ha passerat. Läs annonsen noggrant innan du går vidare med din ansökan.

Would you be interested in working with security testing to make sure our production applications and -systems are secure?

About the team

Operational Excellence (OpEx) is a Cross functional team within IT Operations. OpEx unit ensures operational stability and seamless deliveries both internally and from our IT vendors, as well as drives continuous improvement. Within the Site Reliability and Process Operations unit we have a team of engineers which focuses on securing and continuously improving reliability, robustness, scalability, and continuity for the whole If IT landscape. This is done in close co-operation with IT security, application teams and vendors, as well as with the IT support organization.

About the role

We are searching for an experienced Security Testing Engineer focusing on supporting security functions and related processes. While various security review and testing activities are already taking place, this role would solely focus on security testing If’s production applications and -systems. You will have an important internal consultancy role to share knowledge, create instructions, train- and help the dev teams together with other Site Reliability Engineers and IT Security.

We offer you an inspiring and challenging position that enables you to develop your role and skills by performing offensive security testing against vast amount of business applications and systems. You will get an opportunity to operate within a very modern hybrid IT environment. You will be part of an informal and performance-oriented culture and have a flexible work-life where not one day is the same as the other.


• As a security testing expert, you’ll conduct and participate in offensive security tests against If’s applications and systems.

• Assess security maturity of networks, assets, hardware, platforms, and applications from adversary point of view.

• Plan security testing roadmap.

• Run and maintain automated security scan solutions and attack surface management tools.

• Report on and prioritize findings to development teams, vendors, IT Security team, and other stakeholders.

• Support IT Security team and collaborate with development teams to address security defects before, after and during development.

• Develop and maintain tools and techniques for security testing and attack surface management.

• Communicate new developments, breakthroughs, challenges, and lessons learned to relevant team members and leadership.

• Participate in developing internal processes and frameworks around security testing.

• Lead and collaborate on additional projects, assignments or initiatives as required.

• Show commitment to learning and the never-ending curiosity of all things related to security.

Who are you?

In order to succeed in this role, you will need

• Suitable degree (e.g., Bachelor's degree in Computer Science or a related field)

• Related certificates (e.g., OSCP) are considered as an advantage.

• Overall understanding and hands-on experience of IT services, operations, infrastructure, and application development

• At least two years performing security testing as a primary job responsibility, including the use of professional penetration testing tools (e.g., Burp Suite)

• Sound understanding of application and network security vulnerabilities (e.g., OWASP Top 10), defence techniques and security best practices

• Experience with modern application development languages and frameworks (e.g., Node.js, Java, Python, React, Angular).

• Basic scripting skills in PowerShell and Visual Basic are considered as an advantage.

• Capabilities to communicate in one Nordic language as well as fluent in English, both written and oral.

• Systematic problem-solving approach coupled with strong communication skills and a sense of ownership and drive.

Additional facts and recruitment process

Application deadline: Last date to apply is 21st of May. However, we will start screening and interviewing already during the application period.

Location: Turku, Espoo, Stockholm, Oslo or Copenhagen.

To apply for the position: Please attach your CV and answer in the questions on the application form. Please notice that we are not able to process any applications via email.

Travelling: Some travelling will be required since the role has responsibility throughout the countries in which If operates.

Background check: Final candidates will undergo a background check before a job offer can be presented.

For more information regarding the position, please contact Head of Site Reliability Engineering and Process Operations Jessica Östergren, [email protected].

We are eager to hear from you!

Detta är en jobbannons med titeln "Security Testing Engineer" hos företaget If Skadeförsäkring AB (publ) och publicerades på webbjobb.io den 26 april 2024 klockan 09:22.

Hur du söker jobbet

webbjobb-logo-white webbjobb-logo-grey webbjobb-logo-black