Job Description
Position Overview
The primary responsibility of the Global Application Penetration Tester is to manage a superior security level by executing, following up on and aligning (cyber) security penetration testing activities for Diebold Nixdorf’s applications and solutions.
The Global Application Penetration Tester will run penetration testing at the application level and will act as a liaison between the different parties and stakeholders involved in providing Diebold Nixdorf’s solutions, offerings and services to our customers. The individual must have strong communication skills and the ability to articulate identified issues and resolution steps to support stakeholders in bringing findings to resolution. A strong combination of technical administration, troubleshooting, communication, and documentation skills is vital to the position’s success!
You are responsible for

  • Executing and expanding the company’s global penetration testing program for applications
  • Alignment with stakeholders on execution of penetration testing throughout the application lifecycle
  • Alignment with customers on customer driven penetration testing using third parties
  • Driving mitigation and resolution of potential findings with the respective stakeholders
  • Establishing relations with third party penetration testing companies on a global scale
  • Leading security related customer meetings on executive level

Qualifications

  • Proven experience in executing penetration and web application security tests, as well as follow-up tests performed by others, and conducting audit response (preferred)
  • Proven ability to translate technical risks into business risks and vice versa
  • Strong technical background (with preference to software development)
  • Self-starting and pro-active manner
  • Structured approach to work
  • Ability to work in multi-national teams
  • Cultural sensitivity
  • CEH certification

Preferred Qualifications

  • Project Management skills
  • CRISC, CVA
  • Security Standards knowledge: PCI, EMV, ISO 27001, Cloud Security (DEVSECOPS)
  • Knowledge in banking and retail software solutions
  • Awareness of Fraud management related processes and procedures
  • Awareness of consulting principles including process analysis with fraud/security background
  • Firsthand experience in sales support activities (presentations, customer visits, proposal development)
  • Strong networking skills
  • Willingness to participate in official security certifications (e.g. CISSP/CISM) if not existing
  • Willingness to contribute to the creation and maintenance of company-wide security information policies, controls, standards, and processes
