Get AI-powered advice on this job and more exclusive features. Direct message the job poster from EPAM Systems Talent Acquisition Specialist - EPAM Systems - EPAM Anywhere EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential. We are on the lookout for a highly competent and proactive Lead Security Tester with a robust background in vulnerability management and engineering skills to become part of our team. In this pivotal role, you will oversee the management of vulnerabilities within our secure software repository and provide precise, comprehensive updates and justifications for Common Vulnerabilities and Exposures that impact our products. You will also play a crucial role in automating manual processes to boost operational efficiency and scalability. Responsibilities Detect, evaluate, and rank vulnerabilities in Mobile and Web applications Offer technical justifications, mitigations, and updates for Common Vulnerabilities and Exposures, aligning with industry best practices Work collaboratively with development, operations, and security teams to ensure timely remediation of vulnerabilities Provide in-depth vulnerability assessments and suggest justifications and strategies for CVE remediation Address inquiries regarding vulnerability disclosures accurately and succinctly Build and sustain a comprehensive knowledge base of vulnerability reports and justifications for both internal and external stakeholders Design and implement automation scripts, tools, and workflows to enhance the efficiency of vulnerability management processes Generate dashboards and reports to monitor and communicate vulnerability metrics Act as a technical intermediary among internal security teams, product owners, and external partners, aligning on vulnerability management objectives Drive the continuous enhancement of security operations through process improvements and innovative practices Requirements More than 5 years of experience in Java development with an emphasis on security applications At least one year of leadership and team management experience Hands-on proficiency with vulnerability scanning tools and CVE databases like NowSecure and HCL App Scan Skilled in manual penetration testing for both mobile and Web applications Advanced proficiency in scripting and automation using Python, and experience with frameworks such as Ansible or Terraform Experience in managing containerized environments including Docker and Kubernetes, alongside secure software development practices A solid understanding of common security standards and frameworks such as OWASP, NIST, ISO 27001, and PSI DSS Knowledge of cloud platforms like AWS, Azure, GCP, and their security configurations Familiarity with security orchestration and automation platforms Exceptional written and verbal communication skills for translating complex technical concepts effectively Capability to manage multiple tasks and priorities in a fast-paced, collaborative environment Analytical thinker with strong problem-solving skills and meticulous attention to detail Fluent English skills at a B2 level or higher Nice to have Experience with secure software repositories and hardened containers We offer International projects with top brands Work with global teams of highly skilled, diverse peers Healthcare benefits Employee financial programs Paid time off and sick leave Upskilling, reskilling and certification courses Unlimited access to the LinkedIn Learning library and 22,000+ courses Global career opportunities Volunteer and community involvement opportunities EPAM Employee Groups Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn Seniority level Mid-Senior level Employment type Full-time Job function Business Development, Information Technology, and Engineering Industries Software Development, IT Services and IT Consulting, and Travel Arrangements #J-18808-Ljbffr