Apply now »

Senior Security Testing Engineer


Our opportunity


As Test Manager within BTO Security Testing, you will be part of a Global team providing Application Security services to Zurich Business Units across the world, joining a young and motivated team that is growing fast with focus on a key area for our business.

You will be working with both Zurich Security and Application teams to ensure that Application Security Testing requirements are met by coordinating and providing support to the SDLC application scanning and Manual Pen Testing projects across the world.

As part of this role, you will not only be using your AppSec skills, but also coordinating both Zurich internal and external teams in different countries, work with the top ranked AppSec toolset and boost your career to the next level.



Your role


As a Test Manager your main responsibilities will involve:


  • Lead and participate in the Information Gathering Sessions to evaluate the requirements from the clients and take the prerequisites required to elaborate the Proposal of Collaboration
  • Evaluate together with the technical lead, the proposal notes and share them with the Test Service Manager
  • Operate with the Security Pipeline to identify next Security Assessment projects in scope and:
    • Work the stakeholders on confirming scope of projects and access requirements.
    • Elaborate and send the Security Assessment Plan before the projects start.
    • Upload the information gathered and share it with the testers.
  • During the project execution
    • Be the SPOC of both testers and clients and facilitate the resolution of potential issues that might occur during the MPT projects.
    • Provide support and guidelines to the testers on the project execution when needed.
  • After project execution:
    • Ensure that final reports are sent over to the stakeholders.
    • Ensure that Finding Agreements meeting is schedule and assigned to the Tech lead or his/her delegates.
    • Oversee Retest process and ensure that testers take the required actions to run them as per the schedule.
  • Support and be the SPOC for the Veracode Service supporting the Global Test Service Manager
  • Attend to any required meeting related to Veracode delegated by the Global Test Service Manager
  • Support the team providing services to Veracode and facilitate coordination between the Operations team and the clients.
  • Oversee the Security Test engineering team mailbox and:
    • Share any relevant proposal received via Forms for Security Assessments with the team contacts.
    • Oversee the request related to Veracode or any Security scan requirements are completed by the Security operations team.
  • Participate and work together with the Global Security Test Manager on the process and procedures documentation related to the services provided by the unit.
  • Work with external providers and oversee their activities related to Security Assessments and Application Security services.
  • Act as a backup of the Global Security Test Service Manager if required and to cover actions related to the Project execution and designed tasks related to the Run&Maintain services.



Your Skills and Experience


As a Test Manager your skills and qualifications will ideally include:


  • Bachelor’s Degree or equivalent in Computer Science or related subject
  • Understanding of Application Security Testing requirements related to the SDLC.
  • Proven experience managing or executing Manual Pen Testing during the SDLC
  • Hands on experience on AppSec scanning: SAST, DAST IAST, SCA,
  • Experience on DevSecOps/Cloud Security is a plus.
  • Understanding of Information/IT governance and risk management
  • Proven experience with common AppSec Frameworks such as OWASP, PTES, NIST
  • Excellent communication skills, being able to take part in meetings and provide expert advice.


Preferred Qualifications


  • Professional Security Qualification - CISSP, CISM, CCSP (or other similar cloud security qualification), CEH, CompTIA Security+
  • Knowledge & Experience of working with AppSec scanning and Manual Pen Testing tools, (Veracode, Checkmarks, Burp suite, among others)
  • Experience as an Application Security Consultant/ Manager/ Developer
  • Familiar with Agile project management methodologies




Additional Information


As well as a competitive salary and a yearly bonus we offer benefits package which includes: 


  • Option to work remotely within Spain even up to 100% - you choose; with option to work abroad up to 25 days yearly
  • Over 300 euros net to set up your home office and additional monthly home office allowance
  • Wide range of internal and external trainings, including free English, German and Spanish classes depending on the needs
  • Ticket restaurant or flexibility to exchange it for other benefits
  • Life, accident, and Health Insurance
  • Collective Life Retirement Plan
  • 2000 referral bonus if you bring other talented people like you
  • Special banking and insurance conditions plus Exclusive Employees discounts
  • Functional diversity benefits
  • Events: summer and Christmas party, different activities like hiking, investment, beach volley club and many more
  • No dress code


Primary work location is Barcelona, Poblenou. Please apply with your CV in English.

Please note that the remote work option is available within Spain only.



Who we are


Looking for a challenging and inspiring work environment where you can make a difference? At Zurich millions of individuals and businesses place their trust in our products and services every day. Our 53,000 employees worldwide form the basis of our success, enabling, businesses and communities to face a world of risk with confidence. Imagine if you could help people do this all over the world. You’d give them confidence and reassurance by protecting what they love most. It’s a big challenge, but you will be supported by a world-class team who believe in helping you to reach your full potential and deliver on our promises.



Diversity & Inclusion


At Zurich we are an equal opportunity employer.  We attract and retain the best qualified individuals available, without regard to race/ethnicity, religion, gender, sexual orientation, age or disability.


So be challenged. Be inspired. Help us make a difference.

You are the heart & soul of Zurich! 

At Zurich, we like to think outside the box and challenge the status quo. We take an optimistic approach by focusing on the positives and constantly asking What can go right? 

We highly value the experience and know-how of our employees and offer a wide range of opportunities across business areas to encourage you to apply for new opportunities within Zurich when you are ready for your next career step. 

Let’s continue to grow together!


  • Location(s):  ES - Barcelona 
  • Remote working: Yes
  • Schedule: Full Time
  • Recruiter name: Raquel Martin Blanco

Apply now »