Vulnerability Analyst

LU  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Description

Job Title: Vulnerability Analyst

Location: Luxembourg

Job Type: Contract

Duration: Long term

Pay Rate: €550.00 per day

My Client a global IT consultants is currently looking for a contract Vulnerability Analyst for a long term project working in a busy office in the cultural city of Luxembourg.

Around 3 - 4 years experience as a Vulnerability Analyst would be ideal

Main activities, responsibilities, reference tasks in support of the applied position:

• Acting as an IT Security Consultant in the Web Application Vulnerability Assessment service

• Participation in the setup and inception of the web application vulnerability assessment service

• Evaluation, selection and recommendation of testing tools used by the service -Tools evaluation report.

• Installation and updates (on a regular basis) of vulnerability testing tools used in the service.

• Perform vulnerability assessments of web applications including: static analysis (code review) and dynamic analysis (penetration testing) -Test, report, advice (iterative process).

• Documentation:o Defining methodologies and procedures of tests

o Communication support with development teams

o Writing of web application vulnerability assessment reports including a list of detected security issues and recommendations for internal and external clients.

o Writing of "Web Application Secure Development Guidelines" document (Java/JEE and ColdFusion): to provide a reference of good practices dedicated to security at application level.

• Definition of security metrics and statistics on the evolution of fixes performed on reported vulnerabilities.

• Setup and deployment of a continuous integration system for vulnerability self-assessment where development teams can perform source code analysis during the development phase.

• Service management (requests, responses, reports, recommendations…).

• Coaching of new colleagues.

Web application vulnerability assessment

• IT Security engineering

• Penetration testing

• Security source code review for languages (Java, JSP, ColdFusion, PHP, .NET)

Methodologies: (used in the project) -OWASP (Open Web Application Security Project), Metasploit framework, Software Development Life Cycle (SDLC), CVE (Common Vulnerabilities and Exposures), WASC (Web Application Security Consortium) …

Specific Skills:

• Security of web applications and web services

• Security of mobile applications

• Vulnerability assessment of web applications using automated scanners and manual tools: static analysis (code review) of the source code, penetration testing and dynamic analysis of deployed application

• Web applications development: Java/JSP, ColdFusion, PHP, JavaScript/HTML.

• High experience with vulnerability testing tools for information security technology.

• Good knowledge of different kind of vulnerabilities and attack scenarios in web applications (risks assessment, assets entrusted to web application).

• Writing skills: methodologies, procedures of tests, recommendations and vulnerability assessment reports of tested applications.

• Cryptography principles

• Good understanding of the components of an SDLC

Start date
n.a
From
Aim Hire Jobs
Published at
09.01.2019
Project ID:
1698078
Contract type
Freelance
To apply to this project you must log in.
Register