Application Security Test Engineer

Since early 2000 we have supported our clients on a vast number of projects, all over the world. Our consultant pool consists of Swedish and non-Swedish consultants within the fields of embedded systems, telecommunication, IoT, security, online solutions and application development. We are now looking for an Application Security Test Engineer.


ResumApps is a workstream within the Resumo program. The purpose of ResumApps is to improve the IT-security of company software and application infrastructure, by both short and long-term initiatives.
IFA Transformation is one of the initiatives within ResumApps. It is a Roll-out activity focusing on internet-facing applications. Applications teams are expected to improve their security by:
Introducing Security Test Tools into their SDLC (SAST, SCA, DAST in Dev, DAST etc.)
Identify and remediate vulnerabilities
Introduce Security Standards (ASVS for Web) and (MASVS for Mobile Applications) into their SDLC
Secure conformance to L1 Security Requirements (ASVS/MASVS)
Understand how to evaluate conformance of ASVS Security Requirements



In total the IFA Transformation effort target around ~200 web applications and ~140 Mobile applications
The IFA Transformation team is looking for an Application security testing engineer, who can support the application teams in scope for the transformation with:
Implementation of security Test tools into the application pipeline:
SonarQube (DAST)
Dependency Checker (SCA)
Black Duck (SCA)
ZAP (Dast in Dev)
Help application teams separate false positives from vulnerabilities that require attention
Help application teams integrate vulnerability remediation as part of the SDLC
Documentation of instructions and guides
Support with scripting for test automation targeting identification of security conformance gaps in relation to ASVS/MASVS
Support teams on how to efficiently use unit tests and integration tests for revealing security requirement conformance in relation to ASVS/MASVS



You will be part of an IFA Transformation team of around 20 ppl that are working remotely and are distributed globally.


Start: asap.
Duration: longterm.
Extent: full-time, 40h/week. Paid overtime can be requested.
Compensation: Negotiable. We offer a competitive salary, primarily in the form of a longterm employment and according to Swedish standards; governmental pension plan, five weeks paid vacation, iPad/laptop, mobile phone with data plan subscription, health care insurance, income level insurance, work liability insurance, language course support, sports activity contribution.


More information and benefits you will have as an employee in Sweden:
http://www.forsakringskassan.se/sprak/eng/
http://www.pensionsmyndigheten.se/AboutYourPensions_en.html


Join our team and be a part of a competitive and inspiring future!