Enable job alerts via email!

Security Test Engineer

McNally Recruitment Ltd

Scotland

Hybrid

GBP 50,000 - 70,000

Full time

8 days ago

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A cybersecurity recruitment agency is seeking a Security Test Engineer in Scotland. This role involves ensuring the security robustness of software with responsibilities including threat modeling and security testing. The ideal candidate should have at least 5 years of experience, proficiency in security tools, and a strong understanding of vulnerabilities. The position is hybrid, requiring 4 days on-site in the Scottish office.

Qualifications

Minimum 5 years of experience in software and/or firmware testing.
Proficiency with tools for security testing.
Knowledge of scripting languages such as Python, JavaScript, Bash, or PowerShell.

Responsibilities

Perform security requirements analysis and threat modeling.
Drive continuous improvement by staying updated on emerging threats.
Support internal and external audits as required.

Skills

Cybersecurity expertise

Threat modeling

Security testing

Vulnerability assessments

Detail-oriented

Education

Engineering degree in Software, Computer Science, or Cybersecurity

Tools

Burp Suite

OWASP ZAP

Nessus

Metasploit

Wireshark

Nmap

Fortify

Checkmarx

The Security Test Engineer will be responsible for ensuring the security robustness of software and firmware components within our product portfolio. This role involves conducting threat modeling, security testing, and vulnerability assessments, while ensuring compliance with internal processes and industry standards. The ideal candidate will be passionate about cybersecurity, detail‑oriented, and experienced in testing within industrial environments.

PLEASE NOTE the client will only accept candidates who are authorised to work in the UK, without the requirement for sponsorship or any type of visa (e.g. dependant/spousal, post‑study, etc.).

In addition, this role hybrid based with 4 days in the Scottish office, therefore you should currently be located in Scotland.

Principle Job Responsibilities

Perform security requirements analysis and threat modeling.
Conduct risk analysis and define test strategies aligned with security objectives.
Plan, execute, and report on security testing activities, including:
- Tool and technique selection
- Security requirements testing
- Threat mitigation testing
- Vulnerability testing
- Abuse case testing
- Attack surface analysis
- Regression testing
- Test automation
Analyze, report, and track security defects.
Ensure compliance with internal processes and applicable standards (e.g. IEC 62443, ISO 27001).
Support internal and external audits as required.
Drive continuous improvement by staying updated on emerging threats, tools, and best practices.
Occasional travel may be required, such as training or customer support.

Required Qualifications and Experience

Minimum 5 years of experience in software and/or firmware testing
Engineering degree in Software, Computer Science, Cybersecurity or equivalent demonstrated knowledge.
Proficiency with tools such as Burp Suite, OWASP ZAP, Nessus, Metasploit, Wireshark, Nmap, Fortify, Checkmarx.
Knowledge of scripting languages such as Python, JavaScript, Bash, or PowerShell.
Understanding of encryption algorithms, key management, and secure protocols (TLS, SSH, etc.).
Strong understanding of common vulnerabilities (e.g., OWASP Top 10, CWE/SANS Top 25).
Familiarity with Linux, Windows, and network protocols (TCP/IP, DNS, HTTP/S).
Understanding of industrial protocols (e.g., Serial, Modbus, HART).
Knowledge of industry standards: IEC 62443, ISO 27001, NIST, OWASP.
Experience implementing DevSecOps best practices; Azure DevOps experience is a plus.
Self‑directed and motivated in a team oriented environment.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.