Lead Principle Security QA Engineer

Social network you want to login/join with:

Client: LA International

Location: London, United Kingdom

Job Category: -

EU work permit required: Yes

Job Reference: 1170e2a1d81a

Job Views: 3

Posted: 14.05.2025

Expiry Date: 28.06.2025

Role: Lead Principle Security QA Engineer
Rate: Inside IR35
Location: likely 2 days a week onsite in London or Croydon.
Duration: 6 months +
SC cleared or eligible.

The Home Office is developing an internal Security Testing capability within the Quality Assurance and Testing function. As a Principal Cyber Security Professional, you will work within the Home Office Cyber Security (HOCS) team, collaborating with senior security stakeholders to develop and lead the security testing services, representing security testing for the Home Office. Strong communication and professionalism are essential, as you will work closely with senior security colleagues across the organization.

Your role within Security Testing will involve delivering security testing, vulnerability assessments, and ensuring security compliance to protect Home Office services. You will provide technical security risk advice to stakeholders, ensuring the secure delivery of solutions and services.

1. Lead the development and delivery of security testing documentation to support the security testing service.
2. Coordinate with internal and external partners to provide security testing and assurance in line with policies and regulations.
3. Support security assessments, penetration testing, and other non-functional security testing, documenting findings.
4. Offer vulnerability management and security compliance expertise across on-premise and cloud solutions.
5. Collaborate with project teams to provide security testing expertise.
6. Act as an escalation point for security testing incidents.
7. Research and adopt new security testing technologies and methods.
8. Assess threats and vulnerabilities, and communicate risks effectively.
9. Stay updated on new threats and vulnerabilities, recommending remedial actions.

• Experience in applying technical security controls, understanding threats, vulnerabilities, and security best practices.
• Passion for security testing and continuous development in this field.
• Relevant certifications such as CREST, Offensive Security, SANS/GIAC, or equivalent.
• Experience conducting diverse security tests in various environments.
• Proficiency with vulnerability management tools and reporting.
• Strong communication skills for engaging with stakeholders at all levels.
• Team collaboration, knowledge sharing, and training abilities.
• Knowledge of OWASP Top 10, CVE databases, etc.
• Understanding of Agile and DevOps practices related to testing and delivery.
• Experience integrating security testing into CI/CD pipelines.

• Knowledge of penetration testing tools and techniques.
• Experience in compiling security testing reports and stakeholder communication.
• Ability to develop and deliver security aspects of projects.
• Understanding of IT infrastructure, network protocols, encryption algorithms, PKI, SSL/TLS, SIEM, and OS patching.

Due to the urgency and security nature of this role, candidates with or who have held high-level security clearance are encouraged to apply. Successful applicants will need to undergo security clearance, which may take up to 10 weeks.