Upgrade Post project

Web and Mobile Security Analyst

Illinois  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Description

Job Description:
  • Program includes discovery of sites, identification of site owners, kick-off meetings with stakeholders, guiding site owners to self-service scanning portal, and assisting web developers in addressing findings.
  • Will be working with the US/Corporate website "owners."
  • Will be explaining website security to them and showing them how to use vulnerability scanning tools.
  • Will be a "security evangelist" - this position is not hands on.
  • Tracking website progress and managing vulnerability trending reports are important aspects of the program.
  • Communications is a key competency for this role.
  • Consultant must be able to communicate technical details to development teams and also discuss high-level security findings with non IT business folks.
SKILLS:

Skills/Qualifications:
  • Strong communication skills (oral, written, presentation)
  • Ability to work effectively with a variety of stakeholders from different technology and business teams
  • Ability to provide consistent communications and metrics pertaining to the work being delivered by the team
  • 5+ years experience in web and application vulnerability management
  • Familiar with industry standard security best practices and vulnerability management processes
  • Experience with vulnerability assessment methods, risk analysis, penetration testing, operating system and network auditing
  • Experience with vulnerability scanning tools (Cenzic Hailstorm preferred)
  • Knowledge of web application security best practices, web application testing methodologies and tools as well as OWASP guidelines
  • Basic security incident response experience, including: ability to assess and verify security events
  • Good knowledge of operating systems security (Windows, Unix, Linux)
  • Good understanding of secure network/systems configuration management
  • Certifications (eg GIAC, CEH, CISSP, CISA)
  • Ideal background is application/website vulnerability scanning, but network vulnerability scanning is acceptable as well.
  • Need to be able to speak about security in layman's terms.
  • Must have strong security background.
  • Certifications are not required but preferred.
Start date
n.a
From
Synectics
Published at
27.03.2015
Project ID:
875325
Contract type
Freelance
To apply to this project you must log in.
Register