Lead Penetration Tester

Overview

WELCOME TO SITA

We're the team that keeps airports moving, airlines flying smoothly, and borders open. Our tech and communication innovations are the secret behind the success of the world's air travel industry.

You'll find us at 95% of international hubs. We partner closely with over 2,500 transportation and government clients, each with their own unique needs and challenges. Our goal is to find fresh solutions and cutting-edge tech to make their operations run like clockwork. Want to be a part of something big?

Are you ready to love your job? The adventure begins right here, with you, at SITA.

PURPOSE

As a Lead Penetration Tester , part of the SITA Enterprise Information Security Office, you will assess SITA infrastructure and products to identify information security weaknesses and provide remediation strategies. You will also contribute to the automation of security testing as part of the product development lifecycle.

KEY RESPONSIBILITIES

• Conduct authorized assessment of infrastructure and applications to proactively identify security weaknesses.
• Verify weaknesses by leveraging attacker techniques to evaluate the difficulty and effectiveness of potential attack from various threat actors.
• Provide comprehensive and actionable recommendations to counter the threat posed by identified security weaknesses, given the applicable threat landscape.
• Bring an offensive mindset to the design of internal solutions and provide input to the selection of countermeasures and security controls through technical risk assessment.
• Report findings to technical audiences (e.g. : product development teams, IT, operations), and to business management and leadership, indicating the impact to the business of verified weaknesses found.
• Research and develop testing tools, techniques and processes.
• Assist incident response and security threat surveillance functions to advise on current attacker tools, techniques and procedures.
• Contribute to the continuous improvement of security processes, tools and techniques to counter threats faced by SITA and our customers.
• Contribute to the automation of security activities as part of the DevOps lifecycle.
• Provide guidance on secure product design : Threat Modelling, architecture reviews.

Qualifications

EXPERIENCE

5-7 years' experience in at least three of the following fields :

KNOWLEDGE & SKILLS

PROFESSION COMPETENCIES

CORE COMPETENCIES

EDUCATION & QUALIFICATIONS

WHAT WE OFFER

We're all about diversity. We operate in 200 countries and speak 60 different languages and cultures. We're really proud of our inclusive environment. Our offices are comfortable and fun places to work, and we make sure you get to work from home too. Find out what it's like to join our team and take a step closer to your best life ever.

Flex Week : Work from home up to 2 days / week (depending on your team's needs)

Flex Day : Make your workday suit your life and plans.

Flex-Location : Take up to 30 days a year to work from any location in the world.

Employee Wellbeing : We have got you covered with our Employee Assistance Program (EAP), for you and your dependents 24 / 7, 365 days / year. We also offer Champion Health - a personalized platform that supports a range of wellbeing needs.

Professional Development : Level up your skills with our training platforms, including LinkedIn Learning!

Competitive Benefits : Competitive benefits that make sense with both your local market and employment status.

SITA is an Equal Opportunity Employer. We value a diverse workforce. In support of our Employment Equity Program, we encourage women, aboriginal people, members of visible minorities, and / or persons with disabilities to apply and self-identify in the application process. #J-18808-Ljbffr