Job Vacancy Senior Test Engineer (Security)

This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement.

We are looking for an enthusiastic Senior Test Engineer (Non-Functional Security) with great technical skills able to coach and mentor other testers and deliver the non-functional testing workstreams such as security and penetration testing.

You will be part of our non-functional testing specialist team, working collaboratively with your team and overseeing the testing journey.

This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services.

This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House.

Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%.

Our approach to hybrid working provides opportunities for you to be adaptable in the way you work so that you can achieve a healthy balance between your work and home life. We currently expect people to attend their base office a minimum of one day a week but the exact degree of choice you have will depend on your role and your day-to-day work activities and should be agreed through discussions with your line manager. Remote contracts will only be offered to successful candidates who are not within a commutable distance to our Cardiff, Belfast or Edinburgh offices. If you are located in a reasonable distance to one our offices, you will receive a hybrid contract aligned to one of our offices.

Job description

As a Senior Test Engineer focusing on security you will;

• Working with your team you will co-ordinate security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, testing security related issues.
• Provide advice, coaching and mentoring to testers on non-functional testing subjects such as security, performance and accessibility testing.
• Attend meetings and provide stakeholders with updates.
• Design and implement pipeline solutions for any non-functional testing services.
• Be called upon to support the performance testing team when required.

Further information on the Test Engineering profession and skills expected of a Senior can be found .

Person specification

We are looking for the following, which will be assessed at sift, technical stage and interview. Please refer to the bullet points in bold when writing your personal statement, including working examples to demonstrate your level of skill.

• Experience in Security testing is essential.
• A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, OR currently working towards this OR have proven working experience is essential.
• Certified Agile Tester or equivalent Agile working experience.
• Experience of Non-Functional testing practices including Security, Performance and Accessibility Testing.
• Has a working knowledge of a minimum of 5 of the following:

1. Jenkins / Concourse
2. JMeter
3. API
4. OAuth2
5. SQL
6. XML
7. AWS
8. Unix based systems
9. MongoDB
10. InfluxDB
11. Oracle
12. Version control
13. Postman/SOAP UI
14. Karate/Rest
15. Burp Scanner
16. OWASP ZAP
17. Accessibility tools such as Wave & Screen readers

Behaviours

We'll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Managing a Quality Service
• Working Together
• Seeing the Big Picture

Technical skills

We'll assess you against these technical skills during the selection process:

• Penetration testing/ethical hacking
• Security tooling

Benefits

We offer an excellent benefits package that includes:

• a generous 30 days annual leave plus 8 bank holidays and 1 privilege day
• enrolment into the  with a contribution rate of averaging 28%
• a range of recognition schemes including instant awards to thank and recognise each other's efforts and contributions
• strong ethos of equality, diversity and inclusion
• great work life balance with flexible and mobile working available for many roles
• a pro-active approach to employee wellbeing that allows our employees to flourish and be their best at work and has enabled us to become an  platinum accredited employer
• online financial support and advice
• seasonal flu jabs
• generous maternity, paternity, adoption and shared parental leave allowances
• a focus on career development and progression
• a number of inclusive network groups to support our colleagues and a great sports and social society
• cycle to work scheme
• staff discount scheme
• holiday play scheme for children
• 3 days paid volunteering leave

In your application form we'd like you to:

1. Tell us about your employment history, including key responsibilities, projects worked on and achievements specifically relevant to the responsibilities and experience detailed above. We're keen to know the depth of your skills and experience so please include any details to demonstrate these.
2. Write a personal statement of 500 words where you demonstrate how you meet the required experience detailed in the bold bullet points in the person specification, including work-based examples to demonstrate your level of skill:

• Experience in Security testing is essential.
• A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, OR currently working towards this OR have proven working experience is essential.

What will the process look like?

• We will sift applications and then invite successful candidates from the sift stage to attend a technical assessment stage.
• At sift candidates will be assessed against experience in the advert and are asked to supply work history/personal statement and reference any transferable skills using the job description for reference. The personal statement should address how you demonstrate the bullet points in bold listed in the person specification (and above).
• Candidates successful at sift will progress to the assessment stage, where you will asked to complete a technical activity to demonstrate the technical skills and experience listed in the job description. This will be assessing Technical Skills: Penetration testing/ethical hacking, and Security tooling. A work-based scenario will be emailed across to you and you will be asked to return your workings within a specified deadline.
• For candidates successful at technical assessment stage, the final stage is an interview (via Teams). At interview candidates will be assessed against the Behaviours and Technical Skills listed in the advert and we will use Success Profiles Behaviours and Technical Skills. As part of the interview you will be asked to talk through your technical assessment activity.

Key dates

We plan to sift w/c 20 January, technical assessment w/c 20 January and w/c 3 February and interview w/c 10 & 17 February. This might need to change - we will keep you informed as you move through the process.

Next Steps

Click 'Apply Now' to be taken to our main advert Civil Service Jobs where you can see more details regarding the role, the incredible benefits we have to offer and what it's like to work in Companies House.

If you have any questions about the role or process, please reach out to .

This role closes on 19 January 2025.