Job expirat
The Application Penetration Tester will be working individually and will be performing penetration testing or vulnerability assessment of web application, network and firewall on multi-protocol enterprise systems will work closely with developers and IT.
Responsibilities:
-Conduct penetration testing of web-based applications, systems & networks to identify information security design flaws and weaknesses.
-Perform social engineering engagements, including phishing.
-Analyze test findings and of security vulnerabilities found and collaborate with engineering and development teams to correct the vulnerabilities.
Requirements:
-Common information security vulnerabilities such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
-Web application penetration testing: directory traversal, man-in-the-middle attacks, authentication bypass, and command injection
-Network & vulnerability scanners
-Network based attacks and mitigation methods
-Application level attacks and mitigation methods
-System level attacks and mitigation methods
-Experience with one or more scripting languages such as bash, PERL, Python, ruby, lua, vb/wscript, or powershell
-Familiarity with penetration testing tools such as NeXpose, Nessus, nmap, Metasploit, Burp, tcpdump, wireshark, etc.
Desirable:
-Any security certification (GIAC, CISA, etc.)
-Knowledge of TCP/IP protocols and networking architectures.
-Knowledge of Web applications, databases, and Web server design and implementation
-Experience in evasion techniques to bypass firewalls, and intrusion detection, is a plus
-Experience in exploit development
Online Email Marketing