Application Vulnerability Assessment Analyst
Previous Job
Previous
Application Vulnerability Assessment Analyst
Ref No.: 18-30245
Location: Fort Lauderdale, Florida
Position Type:Full Time/Contract
Experience Level: 9 Years
Start Date: 05/02/2018
Qualification:
Pre-requisites for this position are at least a Bachelor's Degree with 3 - 10 years of experience on most of the following:
- Strong knowledge of web development and programming languages e.g. Java, .NET, Python, etc.
- Strong knowledge of web application technology, e.g. Application Servers, Web Servers, Databases.
- Conducting vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience.
- Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side.
- Experience conducting one or more of the following functions:
1) Application vulnerability assessments.
2) Source code review.
3) Application architecture reviews or threat modeling.
• Able to do manual code review and manual penetration testing.
• Exploiting vulnerabilities.
• Strong java developers, with some understanding of application security testing and willing to switch into that role, would fit for this position.
• Role is to do security testing on an app development project either using struts, spring mvc like java based frameworks.
• Requires one to perform manual code review and manual dynamic testing to find application vulnerabilities.
• Able to do manual code review and manual penetration testing.
• Strong java developers, with some understanding of application security testing and willing to switch into that role, would fit for this position.
• Role is to do security testing on an app development project either using struts, spring mvc like java based frameworks.
• Requires one to perform manual code review and manual dynamic testing to find application vulnerabilities.
Industry-accredited security certifications will be required (the candidate must have or be willing to obtain all of the following certifications – GIAC GWAPT, GPEN, GXPN, OSCP, and CISSP). Articulating security issues to technical and non-technical audience is a plus. In addition, knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures is expected.