Free Local Classifieds in Charlotte, NC
Search   in
My Location  
> > >

Web Ethical Hacker - Charlotte

Web Ethical Hacker - Charlotte

Ad id: 408170192383063
Views: 11
Contact Us

Direct Hire, no Sponsorship No Corp to Corp THIS POSITION CAN BE LOCATED ANYWHERE IN THE US Candidate will be part of an experienced team that performs security threat/vulnerability assessments of critical company environments, applications, and technologies through both Ethical Hacking, Automated Web Scanning, and Source Code analysis. Candidate will focus on Ethical Hacking assessments. Must be able to act as a Subject Matter Expert to management and application owners on application vulnerabilities and security best practices. Associate will be required to follow standard methodologies and have the initiative to develop new and innovative processes. Working within a tight team framework, the associate must be results conscious as well as able to work within tight timelines. Candidate must be knowledgeable with business risks associated to common security vulnerabilities and be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security vulnerabilities. Ability to work independently in a very large-scale, enterprise setting. Previous experience as an application security professional within a large Financial Institution a plus. Enterprise Role Overview Key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security & directory technology systems (software & hardware). Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the company's assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment (eg client server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience. Required Skills & Experience BS/MS in Computer Science (or relevant work experience in large scale IT environment) At least 3 years of experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (eg, SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, and Business Logic Bypass, OWASP Top 10, SANS top 25, etc.) Ability to demonstrate manual web application testing experience; ie candidate must be able to simulate a SQL inject/Cross-site script attack without the use of tools. Expert level experience with web application vulnerability scanning tools (eg IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro, etc.) Knowledge of network and Web related protocols/technologies (eg, UNIX/LINUX, TCP/IP, HTTP/HTTPS, REST, Cookies) Experience with vulnerability assessment tools and penetration testing techniques. (eg, web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions (ie BackTrack/Kali), static source code analyzers, SoapUI, etc.) Experience penetration testing on mobile platforms such as iOS, Android, Windows & RIM Solid programming/debugging skills with proficiency in one or more of the following; Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C Expert-level experience and very detailed technical knowledge in at least three of the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services. Demonstrated ability to learn and apply critical thinking to a variety of situations. Desired Skills & Experience: Technical Skills One or more of following certifications: CISSP, GWAPT, C-EH, OSCP, OSCE or qualified work experience Strong scripting skills (eg, Python, Perl, Shell script, JavaScript) Experience as a developer a plus Mobile programming abilities, such as Xcode, Objective-C a plus Knowledge of Structured Query Language a plus. Soft Skills: Strong teamwork skills Effective written and oral communication skills Ability to multi-task and handle multiple projects Ability to work in a fast paced, challenging environment Pionear is an equal opportunity employer


Similar Items
Last Updated on: March 18, 2018
Report Ad
Contact Poster by Email

Email Poster

Refresh Image