Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Senior Security Tester

Colombia
Security.Testing, CI/CD, Cloud, Penetration testing, Vulnerability Management, Amazon Web Services

We are seeking a skilled and proactive Senior Security Tester with expertise in vulnerability management and strong engineering skills to join our team. In this role, you will manage vulnerabilities within a secure software repository and deliver clear, comprehensive updates and justifications for Common Vulnerabilities and Exposures affecting our products. Additionally, you will contribute to automating manual processes to enhance operational efficiency and scalability.

Responsibilities
  • Identify, analyze, and prioritize vulnerabilities in Mobile and Web applications
  • Provide technical justifications, mitigations, and updates for Common Vulnerabilities and Exposures, ensuring alignment with industry best practices
  • Collaborate with development, operations, and security teams to ensure vulnerabilities are remediated promptly
  • Deliver detailed vulnerability statements and provide justifications and remediation strategies for CVEs
  • Respond to inquiries related to vulnerability disclosures with clarity and precision
  • Enrich and maintain an extensive knowledge base of vulnerability reports and justifications for internal and external use
  • Develop and implement automation scripts, tools, and workflows to streamline vulnerability management processes
  • Create dashboards and reports to track and communicate vulnerability metrics
  • Serve as a technical liaison between internal security teams, product owners, and external partners to ensure alignment on vulnerability management goals
  • Contribute to the continuous improvement of security operations through process refinement and innovation
Requirements
  • Bachelor's Degree in Computer Science or a related field; Master’s degree preferred
  • Over 3 years of experience in Security Testing
  • Hands-on experience with vulnerability scanning tools and CVE databases such as NowSecure and HCL App Scan
  • Proficiency in manual penetration testing for both mobile and Web applications
  • Advanced skills in scripting and automation using Python, with familiarity in frameworks like Ansible or Terraform
  • Experience with containerized environments such as Docker and Kubernetes, alongside secure software development practices
  • Understanding of common security standards and frameworks including OWASP, NIST, ISO 27001, and PSI DSS
  • Familiarity with cloud platforms like AWS, Azure, GCP, and their security configurations
  • Knowledge of security orchestration and automation platforms
  • Strong written and verbal communication skills to effectively translate complex technical concepts
  • Ability to manage multiple tasks and priorities in a dynamic, collaborative environment
  • Analytical mindset and problem-solving skills with high attention to detail
  • Fluent English skills at a B2 level or higher
Nice to have
  • Experience with secure software repositories and hardened containers
Benefits
  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn