Mid-Senior Security Test Engineer

Full Time
Bristol, United Kingdom
Areas of Interest: Test and Evaluation
report a problem

We build secure identities

ForgeRock® isn’t your typical high tech company and aren’t looking for typical people. We believe in and foster a flexible and collaborative work environment. We’ve grown enormously, but remain true to the innovative, can-do start up values that got us here. Most important of all, we keep hiring talented, smart, fun, and genuinely nice people.

Our customers are some of the biggest companies, organizations, and even countries in the world. On any given day, it’s likely that the ForgeRock Identity Platform helped keep your data safe, gave you access to services, and supported trusted relationships between you, companies and the devices you are using. You can read more about us at www.forgerock.com/about-us

The Role:

ForgeRock, the innovative global open source Identity vendor headquartered in San Francisco, CA, is currently hiring for a Security Test Engineer to join our team in Bristol!  If you have a strong security testing background or an interest in the latest penetration tools and technologies and want an opportunity to be on the ground floor of a rapidly growing company, you will love working in our ultra casual, life focused environment where we put the emphasis on providing the tools, benefits and perks in place that allow you to focus on your work while maintaining balance to your life. 

Some of what you'l be involved in:

  • Define and implement strategy for security testing of Identity Management products
  • Perform hands on security tests and code reviews to discover security related issues
  • Reproduce exploits and confirm possible security vulnerabilities
  • Act as a specialist to advise engineers about security best practices
  • Communicating vulnerability findings verbally and in writing
  • Liaise with internal teams to improve security and manage issues
  • Perform, monitor, analyse security scans of ForgeRock products continuously
  • Develop internal security and penetration tests using best industry practices

If you can tick off some of the below we'd be keen to hear from you!

  • Up to date with the latest penetration testing tools and technologies.
  • Strong knowledge in Web application penetration testing.
  • Experience exploiting vulnerabilities in web servers and clients.
  • Hands-on experience in script development related to penetration testing activity
  • Proficient at performing code review or reverse engineering in Java, JavaScript, C, C#, Python, .Net.
  • Ability to demonstrate manual and automated testing of all of OWASP #10 categories.
  • Solid understanding of cryptography and encryption schemes (symmetric, asymmetric, and hashing) .
  • Good understanding of the components of a secure DLC/SDLC.
  • Expert knowledge of security risks related to web applications, web services, web browsers, databases and client/server architectures.
  • S. or equivalent degree in an Engineering or Science Discipline.

Life at ForgeRock!

ForgeRock competes for the best talent! So what are you waiting for? We have offices across the globe, from San Francisco to Singapore. Make an impact, win as a team and celebrate success in our fun, fast-paced environment. We're growing fast, which means unlimited opportunities for you to do the best work of your life.

  • Company-wide winter & spring social activities
  • Regular office bonding events, from lunches and happy hours
  • Well-stocked fridges, whether you’re hungry or thirsty
  • Competitive benefits and perks
  • We’re Mac-friendly
  • Amazing and unique offices across the globe – San Francisco HQ; Vancouver, WA; London & Bristol, UK; Grenoble, FR; Oslo, NO; Singapore, Australia & counting!
For more information, to link to our careers page and free downloads visit www.forgerock.com.

Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. ForgeRock does not accept unsolicited headhunter and agency resumes. ForgeRock will not pay fees to any third-party agency or company that does not have a signed agreement with ForgeRock.   If you are an agency interested in partnering with ForgeRock, please email talent@forgerock.com.

Share this job:


Transforming business by securely connecting customer identities with the digital world.
ForgeRock®, one of the fastest-growing identity relationship management vendors in the world, helps leading global brands, enterprises and government entities build secure, customer-facing relationships across any app, device or thing. ForgeRock customers use online identities to grow revenue, extend reach and launch new business models, and the company's Identity Platform secures over half a billion identities worldwide. 

Founded in 2010, ForgeRock’s leadership team brings 80 combined years of experience in the software industry and includes open source icons and innovators, with investors from three of the leading global venture capital firms – Accel Partners, Foundation Capital and Meritech Capital. 

The ForgeRock Identity Platform includes: 
-- OpenAM (Access Manager): 
for securely managing access to digital customer services, anytime and anywhere. 
-- OpenIG (Identity Gateway): 
for delegating identity decisions for APIs, cloud, mobile and enterprise applications. 
-- OpenIDM (Identity Manager): 
for seamlessly managing identities across all channels, on premises, in the cloud, on mobile. 
-- OpenDJ (Directory Server): 
for building a consistent and scalable customer profile across your business. 

ForgeRock technology is built on open standards and deployed by a global network of system integrator, consulting and training partners. All products are supported for mission-critical operations by ForgeRock enterprise lifecycle subscriptions. 

For more information and free downloads, visit http://www.forgerock.com or follow ForgeRock on Twitter at http://www.twitter.com/forgerock.

Identity Software Platform, AM - Access Management, Federation, SSO, DJ - Directory Software, IDM - Identity Lifecycle Provisioning, IG - Identity Gateway, IRM - Identity Relationship Management
Visit ForgeRock 's Social Media pages:
Company Industry: Information Technology and Services
Company Type: Privately Held
Company Size: 201-500