Application Vulnerability Assessment Analyst
Previous Job
Previous
Application Vulnerability Assessment Analyst
Ref No.: 18-20799
Location: FORT LAUDERDALE, Florida
Position Type:Full Time/Contract
Experience Level: 8 Years
Start Date: 03/28/2018
 Qualification:

Pre-requisites for this position are at least a Bachelor's Degree with 3 - 10 years of experience on most of the following:

- Strong knowledge of web development and programming languages e.g. Java, .NET, Python, etc.

- Strong knowledge of web application technology, e.g. Application Servers, Web Servers, Databases.

- Conducting vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience.

- Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side.

- Experience conducting one or more of the following functions:

1) Application vulnerability assessments.

2) Source code review.

3) Application architecture reviews or threat modeling.

• Able to do manual code review and manual penetration testing.

• Exploiting vulnerabilities.

• Strong java developers, with some understanding of application security testing and willing to switch into that role, would fit for this position.

• Role is to do security testing on an app development project either using struts, spring mvc like java based frameworks.

• Requires one to perform manual code review and manual dynamic testing to find application vulnerabilities.

• Able to do manual code review and manual penetration testing.

• Strong java developers, with some understanding of application security testing and willing to switch into that role, would fit for this position.

• Role is to do security testing on an app development project either using struts, spring mvc like java based frameworks.

• Requires one to perform manual code review and manual dynamic testing to find application vulnerabilities.

Industry-accredited security certifications will be required (the candidate must have or be willing to obtain all of the following certifications – GIAC GWAPT, GPEN, GXPN, OSCP, and CISSP).  Articulating security issues to technical and non-technical audience is a plus. In addition, knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures is expected.