Infrastructure Security - PKI Tester,AVP,
Credit Suisse is a leading global wealth manager with strong investment banking capabilities. Headquartered in Zurich, Switzerland, we have a global reach with operations in about 50 countries and employ more than 45,000 people from over 150 different nations. Embodying entrepreneurial spirit, Credit Suisse delivers holistic financial solutions to our clients, including innovative products and specially tailored advice. Striving for quality and excellence in our work, we recognize and reward extraordinary performance among our employees, provide wide-ranging training and development opportunities, and benefit from a diverse range of perspectives to create value for our clients, shareholders and communities. We are Credit Suisse. We Offer
Credit Suisse's Enterprise Security Services (ESS) organisation has global responsibility for the design, delivery and operational support for business critical security services. Data Protection and Application Security (DPAS) is responsible for the design and delivery of the strategic service such as including Public Key Infrastructure (PKI), Data Leakage Prevention, Information Rights Management and Application Security (Demilitarized Zone, Web Application Firewall (WAF), OAuth/OIDC/Federation) and Cloud Security.
We are a department which values Diversity and Inclusion (D&I) and is committed to realizing the firm's D&I ambition which is an integral part of our global Conduct and Ethics Standard
As a PKI Tester, you will work closely together with our security engineering teams to ensure our solutions are sufficiently tested before they are permitted to be deployed to production. You will act as an important quality gate and build a bridge between our clients and engineering.
Design, execute and manage test cases for commercially-off-the-shelf (COTS) solutions as well as in-house developed products and solutions that make up Credit Suisse's PKI and Certificate Management System (CMS) security services.
As a PKI Tester, you will oversee all aspects of testing, such as:
- Define test strategies and test plans
- Design test cases
- Prepare and configure test environments
- Coordinate and conduct end-to-end testing (e.g., functional, regression, performance, and synthetic ),
- Triage and manage defects through User Acceptance Test (UAT)
- Design and implement performing test automation
- Work with engineering team to build CI/CD automation pipelines
- Write and compile test reports
- Communicate, coordinate and collaborate with internal and external business partners, and peers firm wide
- Fill an active role in a global team and work with emerging technologies, and in a challenging and innovative environment
- All testing and corresponding coordination work performed within this role leverages Credit Suisse's solution delivery framework, to ensure the delivery of premium services and solutions.
- Understand the value of diversity in the workplace and are dedicated to fostering an inclusive culture in all aspects of working life so that people from all backgrounds receive equal treatment, realize their full potential and can bring their full, authentic selves to work.
Essentials skills and qualifications
- Attention to details and curiosity
- Interests and desire to learn IT security concepts, especially related with cryptography
- Understanding of IT system lifecycle management concepts
- Understanding principles of HTTP and TLS protocols
- Familiarity with Unix and Windows environments
- Track record and in-depth knowledge of application testing
- Experience in managing and preparing synthetic test data
- Experienced with common testing tools (Selenium, SoapUI, Postman or similar)
- Experience with change and release management practices
- Experience with issue tracking (JIRA), documentation systems (Confluence) and version control systems (Subversion / Git)
- Strong analytical and problem solving skills - ability to breakdown issue in complex system
- The position requires strong collaboration with domain architects, developers, engineers, operators, internal clients and external providers.
- Good communication skills
- A positive can do attitude!
- Result oriented, dedicated, hardworking who can work on own initiative and can deliver on time with a high level of integrity and flexibility, sense of urgency, attention to detail and quality standards
Desired skills and qualifications
- Higher degree in Information Technology or the relevant working experience
- Background in information security technologies and principles - PKI, Identity & Access Management (IAM) solutions
- Understanding of IT Security development guidelines and good practices (i.e. OWASP) is an advantage
- Experience in test automation as part of Continuous Integration / Continuous Delivery (CI/CD) chain
- Experience with integration of REST API interfaces
- Ability to write scripts in at least one of: PowerShell / Bash / Python
- Understanding of IPSec, LDAP, SCEP, ACME protocols is an plus Experience in building and integrating solutions based on commercially-off-the-shelf products and 3rd party components is advantage plus
- Experience in software development methodologies, deployment and automated configuration management in an enterprise environment
- Ability to communicate and collaborate with people from different cultural background
- Ability to act as a team-player and work independently in a global enterprise
- Industry recognized testing certificates (e.g. ISTQB) are a plus
- ITIL foundation certification
- Experience in configuration of middleware (i.e. webservers) to consume PKI certificates is an advantage
Credit Suisse is an equal opportunity employer. Welcoming diversity gives us a competitive advantage in the global marketplace and drives our success.