Senior Security Engineer I

Are you a Penetration Tester looking to develop your career?

Are you skilled in Penetration Testing in Web and Cloud environments?

About our Team

You as a Penetration Tester will join our Security Assurance team, a vital part of our larger security organization.

About the Role

In this position, you'll conduct comprehensive penetration tests on web and cloud environments, identify vulnerabilities, and implement effective mitigation strategies. You'll work closely with diverse teams across the organization to enhance our security posture.

Responsibilities

1. Perform security defect mitigation testing and ensure documented results support remediation efforts.
2. Analyze chronic incidents, abnormal usage, and attack patterns, and tune security telemetry for risk identification, including misuse, fraud, and theft of services.
3. Recommend improvements to tools, processes, and applications to optimize security posture, including identifying gaps and proposing solutions to enhance overall security effectiveness.
4. Develop and maintain scripts to automate cybersecurity tasks and processes.
5. Contribute to the continuous improvement of the organization's security practices and policies.
6. Conduct and document comprehensive penetration testing (manual and automated) of software and technology across web and cloud environments, including static and dynamic code and system configuration security tests. Create detailed technical security assessment reports based on these tests.
7. Identify and assess vulnerability and exploitation risks, developing mitigation and detection methods.

Requirements

1. Experience with secure coding practices, applications security testing tools and techniques (SAST, DAST), and API Security testing.
2. Understanding of cloud and networking, web-based content delivery platforms, filesystem operation, architecture, patching, and security.
3. Ability to identify emerging threats, conduct risk assessments, and leverage security intelligence tools.
4. Possess CISSP, CISM, SANS, GIAC, CCH, or related credentials for ethical hacking/penetration tester certification, and/or security risk assessment certification.
5. Excellent oral and written communication skills and interpersonal skills.
6. Proficiency in Python, Bash, and/or other scripting languages and automation tools for security testing and management.
7. Ability to propose, scope, conduct, report, and remediate manual and automation testing.

Work in a way that works for you

We promote a healthy work/life balance across the organization. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance, and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

1. Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive.

Working for you

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:

1. Generous holiday allowance with the option to buy additional days.
2. Health screening, eye care vouchers, and private medical benefits.
3. Wellbeing programs.
4. Life assurance.
5. Access to a competitive contributory pension scheme.
6. Save As You Earn share option scheme.
7. Travel Season ticket loan.
8. Electric Vehicle Scheme.
9. Optional Dental Insurance.
10. Maternity, paternity, and shared parental leave.
11. Employee Assistance Programme.
12. Access to emergency care for both the elderly and children.
13. RECARES days, giving you time to support the charities and causes that matter to you.
14. Access to employee resource groups with dedicated time to volunteer.
15. Access to extensive learning and development resources.
16. Access to employee discounts scheme via Perks at Work.

About the Business

A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. At Elsevier, your work contributes to the world's grand challenges and a more sustainable future. We harness innovative technologies to support science and healthcare to partner for a better world.

Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.