We need a resource who has experience working within a Vulnerability Management Program that understands Application Security with 5-7 years of security experience.
Experience with any of the following commercial application scanning tools such as Acunetix, IBM's AppScan, Client's WebInspect, NTOSpider, Cenzic's Hailstorm, Burp Suite ProfessionalUnderstanding of Web Services technologies such as XML, SOAP, and AJAXUnderstanding of various web application frameworks such as ASP.NET, J2EE, ZendWeb Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache TomcatExperience in application level attacks, bypassing firewalls, evading intrusion detectionExperience building automated tool sets or expanding existing toolset librariesSecure code review experience using automated toolsetsSoftware Engineering career experienceFollowing Certifications: CISSP, CEH, GWAPT, GPEN, OSCPThorough understanding of software vulnerabilitiesKnowledge of OWASP Top 10, SANS Top 25, CWE, WASCAbility to demonstrate understanding of vulnerability remediationFamiliarity with malicious code identification and common hacker attack techniquesAbility to research and reproduce vulnerability exploitationUnderstanding of advanced cryptographic conceptsAbility to demonstrate manual testing experience including all of OWASP Top 10QualificationsSkills Required
Excellent problem solving and analytical skillsSuperior oral and technical writing communication skillsIndependence, self-managed, and motivatedKnowledge of the Software Development Lifecycle in an enterprise environmentProgramming experience in two of the following languages: C#, Java, Python, RubyAdditional InformationAll your information will be kept confidential according to EEO guidelines.
#J-18808-Ljbffr