Job Description

Technical Security Tester

About Us
DNV Imatis develops and delivers innovative software solutions for the healthcare industry. Our mission is to improve patient care and operational efficiency through cutting-edge technology. Security is a cornerstone of our solutions, and we are committed to ensuring the highest standards of protection for sensitive healthcare data.

The Role
We are seeking a Technical Security Tester with a strong passion for cybersecurity and software quality. In this role, you will take ownership of security testing across our solutions, including penetration testing and the development of automated security test cases to safeguard our products. Additionally, you will design and implement automated end-to-end robustness tests to ensure our software is not only secure but also stable and high performing under real-world conditions.

Key Responsibilities

• Perform hands‑on testing of APIs, backend services, and system integrations to uncover bugs and vulnerabilities.

• Conduct penetration testing and vulnerability analysis following industry standards like OWASP Top 10.

• Collaborate with architects and developers to verify fixes and ensure secure-by-design principles in feature development.

• Develop and maintain automated and manual test cases for security and performance.

• Participate in incident reproduction, retesting, and regression verification after security patches.

Skills & Experience

• Technical background in software testing and cybersecurity.

• Knowledge of common vulnerabilities (e.g., OWASP Top 10) and secure coding principles.

• Strong understanding of web/API security, authentication flows, and common attack patterns (e.g., fuzzing, enumeration, path traversal).

• Experience with tools used for penetration testing and security scanning (e.g., fuzzers, intercepting proxies, automated scanners).

• Ability to analyze logs, traffic and configuration files to identify abnormal behavior or security misconfigurations.

• Familiarity with secure development practices and modern security frameworks (e.g., SDLC, threat modeling).

• Technical competence to test beyond the user interface, including API endpoints, authorization logic, and backend components.

• Ability to communicate findings clearly to both technical and non-technical stakeholders.

• Although English is our primary working language, we frequently communicate with customers in Norwegian. Therefore, proficiency in Norwegian is considered a strong advantage.

Nice to Have

• Familiarity with healthcare industry standards (e.g., GDPR, HIPAA).

• Experience with cloud security and containerized environments (Docker, Kubernetes).

Why Join Us?

• Work on impactful projects that improve healthcare delivery.

• Be part of a collaborative and innovative team.

• Competitive compensation and benefits.

• Opportunities for professional growth and certification in security testing.