Junior Information Security Specialist.
£45,000 Per Year
Who we are looking for
An Information Security Specialist who will focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely.
The Information Security team deal with the security of closed-sourced, open-source and in-house written applications. The objective is to ensure that systems and services are built with privacy and security by design.
You will be working closely with the Software Development team, to confirm that application based vulnerabilities are understood and mitigated. This is done from a security assessment point of view rather than code QA, therefore code reading skills are desirable.
The team comprises of a variety of individuals, ranging from graduates to time served engineers with backgrounds as sys-admin, networks, service operation as well as security. We use first-class, enterprise-level tools to identify threats to the systems as well as in house developed scripts and internet research.
This role is eligible for inclusion in the Company’s hybrid working from home policy.
Preferred skills and experienceBroad understanding of technology functions as they relate to Information Security.
Use of planned, structured methodologies for conducting and reporting on Web Application Penetration Testing.
Understanding and demonstrable experience of automated, dynamic and static application security testing tools, as well as manual security testing to find vulnerabilities and logical issues.
Examination of packets using Wireshark and other related tools.
Understanding of industry standard Information Security practices.
Offensive Security Certified Professional (OSCP) certification or similar is desirable.
Strong communication skills and personable.
High attention to detail.
Excellent documentation skills.
Ability to work to deadlines.
Main ResponsibilitiesSupporting the project process to ensure that Information Security aspects are considered up front and throughout the project lifecycle.
Taking responsibility for the security of the tested product within the project context.
Conducting manual and automated source code review.
Contributing to and utilising bet365 security testing methodologies, creating and updating technical documentation as necessary.
Completing security vulnerability analysis/assessment and taking an active role in external audits as necessary.
Developing an understanding of the wider business.
Liaising with Software Development to ensure that security is considered throughout the lifecycle.
Identifying any security flaws within the business software and manage through appropriately, liaising with external bodies as necessary.
Identifying and developing new tools that could be beneficial in the security testing process.
Staying up to date with new and emerging threats.