Description
It's not often that a role like this comes up, this is a brilliant opportunity for a Whitehat Hacker. If you are an Ethical Hacker, you should speak with me. My client are an excellent group to be introduced to. They are a large, well known IT multinational, who are really ramping up in this area, growing their Whitehat hacking team. This company are extremely strong when it comes to software and web development, and they give security the respect that it deserves. Initially, there will be 3 hires, long term daily rate contracts, with attractive rates. You will be based in their state of the art offices in Dublin. A very contract friendly environment awaits you. You will be someone who likes to be ahead of the game. In this role, you will hack, report and advise a large global development department on building best of breed applications in an ever-changing security landscape. You will be part of an agile workforce; promote the best application architecture and infrastructure practices.
The Job
- Engage with project teams to understand scope and conduct web application security assessments. (manual and automated)
- Assess web applications for issues surrounding Authentication, Authorization, User management, Session management, Data validation, including all common attacks such as SQL injection, Cross-site Scripting, Command injection, Error handling, Auditing and logging
- Assess the security aspects of web services design and implementation, including confidentiality, integrity, trust relationships, and authentication using security standards like XML signatures, XML encryption, SAML, and WS-Security
- Prepare formal security assessment reports that contain information on identified vulnerabilities and recommended solutions to fix them
- Provide support to project teams, present findings and security presentations.
- Experience in application and infrastructure security practices and standards (such as OWASP)
- Web application development experience in C# or Java
- Knowledge of HTTP, JavaScript, XML, HTML 5, SQL
- Experience reviewing code for vulnerabilities in Java, C#, Javascript/jQuery, Adobe Flash/ActionScript etc
- Good knowledge of white hat hacker tools such as Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Wireshark etc and source code analysers.