Security Project Manager for Testing Center of Excellence (Kyiv)

Kyiv, Amosova, Ukraine

Apply

Ciklum Testing Center of Excellence (TCoE) is a software quality assurance unit in Ciklum, which has been evolved very rapidly for the past 4 years to a mature SQA services provider, concurrently serving up to 30 projects, consisting of 70+ SQA professionals, delivering 5 main service lines.

Our main principles are:

  • People are over processes and hierarchy
  • Flat and open collaboration/communication increases creativity and brings more value to the business
  • Investing in people and innovations ensures your future
  • Reuse and share your experience - Develop best practices, publicize and follow them

Testing Center of Excellence is an optimal environment for your professional involvement and growth.

Testing Center of Excellence is a unique provider of QA Services and QA Consulting in the following areas:

  • Manual Web / Mobile QA Services
  • eCommerce QA Services
  • Automation QA Services
  • Performance QA Services
  • Security QA Services
  • QA Consulting

Testing Center of Excellence Team has the following certificates:

  • QA area - 46 certificates - ISTQB Foundation
  • QA area - 3 certificates - ISTQB Advanced Test Analyst & Test Manager
  • Scrum Master area - 29 certificates - ICAgile Certified Professional
  • Security area - 2 certificate - Offensive Security Certified Professional

QA Awards:

Read more about the client

Description

On behalf of Testing Center of Excellence, Ciklum is looking for a Security Project Manager to join Kyiv team on a full-time basis.

Responsibilities

  • Pre-sales activities for Security QA Services
  • Drafting delivery documents for Security QA Services
  • Management of penetration testing projects
  • Management of application security projects
  • Review and approval of Penetration testing and Application security reports
  • Participation in report presentations to Customers

Requirements

  • BS in Computer Science or related field
  • At least 5 years of relevant work experience in one of the following: IT Audit, IT Security Unit, Information security Unit or Consulting company providing Security services.
  • Experience in small and “short-living” project-based sub-teams management (up to 3 people).
  • Experience with Security Projects formal documentation preparation (proposals, engagement letters and etc.)
  • Experience (basic level) with various penetration testing tools (e.g. BurpSuite, Metasploit, OWASP ZAP) on Linux and Windows
  • Understanding of security issues happening in HTML, XML, JavaScript, CSS, SQL, JSON and ability to define risk for particular issue using provided methodology.
  • Understanding of security issues happening in Android / iOS applications and ability to define risk for particular issue using provided methodology.
  • Knowledge and understanding of Application Security, System and Network Security,
  • Authentication and Security protocols
  • Familiarity with OWASP Testing Guide, OWASP Top 10, WASC-TC
  • Upper intermediate English level

Desirable

  • Professional certifications. For example, issued by: Offensive Security, SANS, CREST, Mile2, eLearnSecurity, SecurityTube, ISACA, (ISC)2 and EC-Council.
  • Experience with Bug Bounty programs (e.g. BugCrowd, HackerOne)
  • Security related publications, blog posts, and/or participation in tools development

Personal skills

  • Sharp analytical abilities and proven design skills, good ability to learn, resourcefulness, self-motivated, goal-driven, result-oriented
  • Ability to pay attention to details
  • Ability to defend personal point of view

What's in it for you

  • Possibility to propose solutions on a project
  • Dynamic and challenging tasks.
  • Ability to influence project technologies.
  • Team of professionals: learn from colleagues and gain recognition of your skills.
  • Low bureaucracy, European management style.
  • Trainings
  • Knowledge sharing meetings