Security QA Manager (Security Project Manager) for Testing Center of Excellence (Kyiv)

Ciklum Testing Center of Excellence (TCoE) is a software quality assurance unit within Ciklum that has evolved rapidly over the past 4 years into a mature SQA services provider. It consists of 70+ SQA professionals, concurrently serves up to 30 projects, and delivers 5 main service lines.

Our main principles are:

  • People come before processes and hierarchy
  • Flat and open collaboration/communication increases creativity and brings more value to the business
  • Investing in people and innovations ensures your future
  • Reuse and share your experience - Develop best practices, publicize and follow them

Testing Center of Excellence is an optimal environment for your professional involvement and growth.

Testing Center of Excellence is a unique provider of QA Services and QA Consulting in the following areas:

  • Manual Web / Mobile QA Services
  • eCommerce QA Services
  • Automation QA Services
  • Performance QA Services
  • Security QA Services
  • QA Consulting

Testing Center of Excellence Team has the following certificates:

  • QA area - 46 certificates - ISTQB Foundation
  • QA area - 3 certificates - ISTQB Advanced Test Analyst & Test Manager
  • Scrum Master area - 29 certificates - ICAgile Certified Professional
  • Security area - 2 certificates - Offensive Security Certified Professional

QA Awards:

Description

On behalf of the Testing Center of Excellence, Ciklum is looking for a Security QA Manager (Security Project Manager) to join the Kyiv team on a full-time basis.

Responsibilities

  • Security QA Services pre-sales activities
  • Security QA Services delivery documentation preparation
  • Penetration testing (Black Box, Grey Box, White Box) projects management
  • Application security projects management
  • Penetration testing and Application security Reports review, approval
  • Participation in report presentations to Customers

Requirements

  • BS in Computer Science or related field
  • At least 5 years of relevant work experience in one of the following: IT Audit, IT Security Unit, Information Security Unit or a consulting company providing security services
  • Experience managing small, "short-living" project-based sub-teams (up to 3 people)
  • Experience preparing formal documentation for security projects (proposals, engagement letters, etc.)
  • Experience (basic level) with various penetration testing tools (e.g. BurpSuite, Metasploit, OWASP ZAP) on Linux and Windows
  • Understanding of security issues occurring in HTML, XML, JavaScript, CSS, SQL, JSON and the ability to define the risk of a particular issue using a provided methodology
  • Understanding of security issues occurring in Android / iOS applications and the ability to define the risk of a particular issue using a provided methodology
  • Knowledge and understanding of Application Security, System and Network Security, Authentication and Security protocols
  • Familiarity with OWASP Testing Guide, OWASP Top 10, WASC-TC
  • Upper intermediate English level

Desirable

  • Professional certifications. For example, issued by: Offensive Security, SANS, CREST, Mile2, eLearnSecurity, SecurityTube, ISACA, (ISC)2 and EC-Council.
  • Experience with Bug Bounty programs (e.g. BugCrowd, HackerOne)
  • Security related publications, blog posts, and/or participation in tools development

Personal skills

  • Sharp analytical abilities and proven design skills, good ability to learn, resourcefulness, self-motivated, goal-driven, result-oriented
  • Ability to pay attention to details
  • Ability to defend personal point of view

What's in it for you

  • Very close cooperation with client
  • Possibility to propose solutions on a project
  • Dynamic and challenging tasks.
  • Ability to influence project technologies.
  • Team of professionals: learn from colleagues and gain recognition of your skills.
  • Low bureaucracy, European management style.
  • Continuous self-improvement.
  • Trainings
  • ISTQB Certification preparation
  • QA knowledge sharing meetings
