Application security Specialist - Penetration Tester in Sandy Springs, GA at HUNTER Technical Resources

Date Posted: 7/26/2019

Job Snapshot

Job Description

Penetration Tester - Application Security 

Job Description:

The primary responsibilities for this position will be leading network, application, and mobile penetration testing, as well as furthering team development and advancing the practice.  

Responsibilities for the Penetration Tester:
  • Use both automated and manual techniques to test security within the application
  • Responsible for Vulnerability assessments and penetration testing
  • Responsible for Web application and  Mobile application security testing.
  • Responsible for security testing of web services and APIs.
  • Responsible for performing mitigation test / validation test, focusing on bypass techniques.
  • Responsible for performing code reviews when required on the code developed by APP teams.
  • Responsible for performing false positive/negative analysis and providing recommendation to developers.
  • Perform findings/vulnerabilities analysis, document results, engage with high level personnel, discuss findings, provide recommendations, explain testing techniques, and stay current on weaknesses and vulnerabilities.
  • 5+ years of information security, development, and/or testing experience.
  • A passion for identifying and exploiting vulnerabilities
  • Current Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CISA or similar certifications.
  • In-depth knowledge of OWASP top 10 weaknesses, and the OWASP testing frameworks.
  • Extensive experience with testing tools such as Checkmarks, Nets parker, Metasploit, Burp Suite, Intercepting Proxies, BlackDuck and others.
  • In-depth knowledge of Microsoft Active Directory, networking and TCP/IP.
  • Proficiency with at least one scripting languages (e.g. Python, Bash, JavaScript, PowerShell)
Education Required:
  • Bachelor Degree
Desired Certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)