Free Local Classifieds in Charlotte, NC
Search   in
My Location  
> > >

Ethical Hacker with Manual Web Hacking Exp

Ethical Hacker with Manual Web Hacking Exp


Ad id: 2503172074184269
Views: 6
Price
Contact Us

Candidate will focus on Ethical Hacking assessments. Must be able to act as a Subject Matter Expert to management and application owners on application vulnerabilities and security best practices. Associate will be required to follow standard methodologies and have the initiative to develop new and innovative processes. Working within a tight team framework, the associate must be results conscious as well as able to work within tight timelines. Candidate must be knowledgeable with business risks associated to common security vulnerabilities and be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security vulnerabilities. Ability to work independently in a very large-scale, enterprise setting. Previous experience as an application security professional within a large Financial Institution a plus.Enterprise Role OverviewKey individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security & directory technology systems (software & hardware). Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank\\\'s assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment (e.g. client server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of total IT experience.Required Skills & Experience:BS/MS in Computer Science (or relevant work experience in large scale IT environment)At least 3 years of experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g., SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, and Business Logic Bypass, OWASP Top 10, SANS top 25, etc.)Ability to demonstrate manual web application testing experience; i.e. candidate must be able to simulate a SQL inject/Cross-site script attack without the use of tools.Expert level experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro, etc.)Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, HTTP/HTTPS, REST, Cookies)Experience with vulnerability assessment tools and penetration testing techniques. (e.g., web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions (i.e. BackTrack/Kali), static source code analyzers, SoapUI, etc.)Experience penetration testing on mobile platforms such as iOS, Android, Windows & RIMSolid programming/debugging skills with proficiency in one or more of the following; Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-CExpert-level experience and very detailed technical knowledge in at least three of the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services.Demonstrated ability to learn and apply critical thinking to a variety of situations.Desired Skills & Experience:Technical Skills:One or more of following certifications: CISSP, GWAPT, C-EH, OSCP, OSCE or qualified work experienceStrong scripting skills (e.g., Python, Perl, Shell script, JavaScript)Experience as a developer a plusMobile programming abilities, such as Xcode, Objective-C a plusKnowledge of Structured Query Language a plus.

Apply Online or contact us at bp+20081080@jobvertise.com

 
 
 
Similar Items
Last Updated on: October 18, 2017
Report Ad
 
 
Contact Poster by Email

Email Poster

CAPTCHA Image
Refresh Image