Job Descriptions

Use this tool to access job descriptions for your next hire. Search by skills or job titles and download the job description to help you get started. Tip: You can use this tool to help ensure your own resume is up-to-date with the latest job requirements.

You may search job titles by skills within selected career category
Information System Security Officer (ISSO)
Chief Information Security Officer (CISO)
Information Security (IS) Auditor
Security Architect
Security Automation Engineer
Secure Software Assessor
Cryptographer/Cryptanalyst
Information Systems Security Developer
Operational Technology Systems Analyst
Security Engineer
Supply Chain Security Analyst
Security Testing and Evaluation Specialist Identity Management & Authentication Support Specialist
Encryption / Key Management Support Specialist
Data Privacy Specialist
Cybersecurity Operations Technician
Cybersecurity Incident Responder
Cybersecurity Malware Specialist
Digital Forensics Analyst
Cybersecurity Operations Analyst
Vulnerability Assessment Analyst
Information Systems Security Manager - Cybersecurity Operations
Threat Hunter
Cybersecurity Operational Technology Incident Responder
Penetration Tester
Data Scientist (AI)
Systems Analyst
User Interface Designer
Developer
Data Scientist (Tech)
Architectural Designer
Project Manager
Legal Compliance Officer
IT Auditor
Automation Process Engineer
IT Author / Technical Writer
Clinical Researcher / Coordinator
Machine Learning Engineer
Social Media Manager
Systems Engineer
Computer Vision Engineer
IT Service Manager
Data Analyst
Product Manager
Policy Analyst
Learning and Development Specialist
Cognitive Copywriter
Front End Developer
Technical Recruiter
Business Analyst
User Experience Designer
Programmer
Full Stack Developer
Data Engineer
Software Engineer
Deep Learning Engineer
Medical Coder/Programmer
Human Resources Analyst
Robotics Process Analyst
Online/Digital Learning Developer
Network and Systems Administrator
Systems Architect
Tech Sales and Customer Service
Graphic and Animation Designer
IT Program Manager
Web Developer
Business Intelligence Analyst
IT Procurement Officer
Digital Marketing / Communications

Security Testing and Evaluation Specialist

DESIGN & DEVELOP

Skills

Job Description

Other Titles

  • Systems security assessor

Note: This role is most commonly found in large or medium-sized organizations. 

Reporting relationship

To be completed by the user of this job description as appropriate

Job purpose / summary

Plans, prepares, and executes tests of security devices, operating systems, software and hardware to evaluate results against defined specifications, policies, and requirements, and documents results and makes recommendations that can improve information confidentiality, integrity, and availability.

Duties and responsibilities

  • Tests, evaluates, and verifies systems under development; systems exchanging electronic information with other systems; related operating system software and hardware; and security controls and devices used within an organization to determine level of compliance with defined specifications, policies, and requirements
  • Analyze test results of operating systems, software, and hardware and make recommendations based on finding;
  • Develop test plans to address specifications, policies, and requirements
  • Validate specifications, policies and requirements for testability;
  • Create verifiable evidence of security measure
  • Prepare assessments that document the test results and any security vulnerabilities present
  • Deploy, validate, and verify network infrastructure device operation
  • Develop, deliver, and oversee training material and educational efforts
  • Provide training and mentoring to security team members

Competencies

Basic application of the following KSAs:

  • Security procurement processes and supply chain integrity assessments
  • Systems engineering process

Advanced application of the following KSAs:

  • Security assessment and authorization processes
  • IT systems testing and evaluation strategies
  • IT systems testing and evaluation infrastructure and resources
  • IT security systems testing and evaluations tools, procedures and practices
  • Technical knowledge of networks, computer components, power supply technology, system protocols, cyber security-enabled software
  • Network security architecture and models
  • Conducting independent validation and verification security testing
  • Systems testing and evaluation methods and techniques
  • Test design, scenario development, and readiness review
  • Systems integration testing
  • Security assessment and authorization processes
  • Security architecture concepts and enterprise information security architecture model
  • Identifying test and evaluation policies and requirements
  • Collect, analyze, verify and validate test data and translate data and test results into conclusion
  • Designing and document test and evaluation strategies
  • Writing technical and test and evaluation reports.

Tools and Technology

  • Strategic and business plans
  • Threat and risk assessments
  • Vulnerability management processes and vulnerability assessments
  • Incident management processes and procedures
  • Security event and incident management systems and/or incident reporting systems and networks,
  • System architecture
  • Cybersecurity risk management processes & policies
  • Privacy and security legislation
  • Organizational security infrastructure and reporting systems
  • System testing and evaluation policies tools, techniques, procedures and protocols
  • Legislation and compliance requirements

Direct reports (if appropriate)

To be completed by the user of this job description as appropriate

Qualifications

Education. Bachelor’s degree in computer science or related discipline or equivalent training and experience. 

Certifications.

To be completed by the user of this job description as appropriate

Other relevant qualifications. Training in system security measurement, assessment and testing.

Key Attributes.

To be completed by the user of this job description as appropriate

Experience. Significant (5-10 years) experience in IT domain with 3-5 years’ experience in systems security role supporting security assessments and IT audits preferred. Experience working in secured testing environments.

Working conditions (if required)

If the job requires a person to work in special working conditions this should be stated in the job description. Special working conditions cover a range of circumstances from regular evening and weekend work, shift work, working outdoors, working with challenging clients, and so forth.

Physical requirements (if appropriate)

If the job is physically demanding, this should be stated in the job description. A physically demanding job is one where the incumbent is required to stand for extended periods of time, lift heavy objects on a regular basis, do repetitive tasks with few breaks, and so forth.