Description
Job Description:Join the Global Information Services Security Assurance team with responsibility for managing the enterprise-wide Web application scanning process intended to identify exploitable vulnerabilities. The scope of the work includes working in collaboration with business partners and third party providers in analysing the security of the client's Web application platform(s), conducting internal Web application security scans and recommending countermeasures necessary to mitigate detected vulnerabilities.
SKILLS:
Required Skills/Qualifications:
B.S. in Computer Science, Engineering, Math or related
Experience as an ethical hacker and/or penetration testing
Working knowledge of OWASP, OSSTMM and/or ISAAF penetration testing framework
Demonstrated experience with automated testing tools such as WebInspect, IP360, Metasploit, and/or similar products
Fundamental knowledge of networks, protocols, and security infrastructure components
Programming abilities in Python, Perl, and/or other Scripting languages for the development of exploit code
Highly Preferred:
Ability to perform code reviews
Application security expertise