Vacancy expired!
- Make meaningful change through critical and dynamic thought to stay ahead of emerging threats
- Be a key member of the 24/7 Cyber Incident Response Team
- Partner with technical leaders to ensure remediation efforts adhere to corporate standards and policies
- Improve the secure software development lifecycle
- Mentor others within the organization
- Provide technical input and recommendations for mitigation of security findings
- Perform static and dynamic code analysis (manual and tool based) for security defects
- Analyze and break down configuration weaknesses, coding flaws, and other vulnerabilities as needed for Dev and Operations teams to address
- Assist with the vulnerability management program as needed
- Assist in security assessments to ensure the architecture is secure and adopts the zero-trust methodology
- Assist in security assessments of mobile and web applications, cloud environments, and infrastructure
- Assist with penetration testing
- 4 years of experience in cyber security
- 2 years of web development or software engineering experience preferred
- Certifications in one or more of the following: GIAC Web Application Penetration Tester (GWAPT), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), or Offensive Security Exploitation Expert (OSEE)
- The ability in automate and make use of JSON restful API's
- Secure software development lifecycle experience.
- Experience with IPv4, Routing, DNS
- Experience with Microsoft Active Directory
- Experience with one or more vulnerability management tools
- Deep and broad understanding of cyber weaknesses (hardware, software, processes, people) and how attackers exploit them
- Must be Proficient in scripting in one or more languages (Python, Bash, PowerShell)
- Ability to ensure development teams follow industry methodologies and best practices, including OWASP Testing Guide to uncover vulnerabilities across API's and Web Applications
- Exposure to Cloud Computing (AWS & Azure)
- Understanding of Windows and Linux
- Excellent verbal and written communication skills
- Excellent organizational and/or project ownership skills
- Ability to develop excellent working relationships with a variety of other enabling teams
- Excellent attention to detail, data accuracy, and data analysis
- Self-motivated and works with a high level of intellectual curiosity and a high degree of integrity
- Collaborate and communicate effectively with development teams to ensure secure code is released
- Coordinate with external security pentesting activities and vendors
- Ability to perform basic forensics on workstations and servers
- Assist in maintaining current standards
- Develop cyber security program documentation
- Web application pen testing experience
- Strong coding skills in one or more languages/frameworks, including PHP, .Net, JSP, JCR, OSGI, jQuery, Javascript, XML, C/C, C#, Java, SQL, assembly, Ruby, and others
- Splunk
- Experience with Encase
- Vendor Risk Management Experience
- OCI, AWS & Azure
- IPv6
- Network Sniffing Tools
Vacancy expired!