Security Test Engineer - North Lanarkshire

Tester (QA Analyst) - IT
Ref: 282 Date Posted: Monday 10 Nov 2025

The Security Test Engineer will be responsible for ensuring the security robustness of software and firmware components within our product portfolio. This role involves conducting threat modeling, security testing, and vulnerability assessments, while ensuring compliance with internal processes and industry standards. The ideal candidate will be passionate about cybersecurity, detail-oriented, and experienced in testing within industrial environments.

 

PRINCIPLE JOB RESPONSIBILITIES

  • Perform security requirements analysis and threat modeling.
  • Conduct risk analysis and define test strategies aligned with security objectives.
  • Plan, execute, and report on security testing activities, including:
    • Tool and technique selection
    • Security requirements testing
    • Threat mitigation testing
    • Vulnerability testing
    • Abuse case testing
    • Attack surface analysis
    • Regression testing
    • Test automation
  • Analyze, report, and track security defects
  • Ensure compliance with internal processes and applicable standards (e.g. IEC 62443, ISO 27001).
  • Support internal and external audits as required.
  • Drive continuous improvement by staying updated on emerging threats, tools, and best practices.
  • Occasional travel may be required, such as training or customer support.
  • Other responsibilities or tasks that are within your skills and abilities, whenever reasonably instructed. The business reserves the right to make reasonable adjustments in line with business requirements. This job description is non-contractual and is for information and mutual understanding of both parties.

 

REQUIRED QUALIFICATIONS AND EXPERIENCE

  • Minimum 5 years of experience in software and/or firmware testing
  • Engineering degree in Software, Computer Science, Cybersecurity or equivalent demonstrated knowledge.
  • Proficiency with tools such as Burp Suite, OWASP ZAP, Nessus, Metasploit, Wireshark, Nmap, Fortify, Checkmarx.
  • Knowledge of scripting languages such as Python, JavaScript, Bash, or PowerShell.
  • Understanding of encryption algorithms, key management, and secure protocols (TLS, SSH, etc.)
  • Strong understanding of common vulnerabilities (e.g., OWASP Top 10, CWE/SANS Top 25).
  • Familiarity with Linux, Windows, and network protocols (TCP/IP, DNS, HTTP/S).
  • Understanding of industrial protocols (e.g., Serial, Modbus, HART).
  • Knowledge of industry standards: IEC 62443, ISO 27001, NIST, OWASP.
  • Experience implementing DevSecOps best practices; Azure DevOps experience is a plus.
  • Self-directed and motivated in a team orientated environment


Download Job Profile

Cookies on this website
We to ensure that we give you the best experience on our website. If you wish you can restrict or block cookies by changing your browser setting. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on this website.

View our Cookie Policy

Accept Essential OnlyAccept All