Job Details

ID #12041060
State Washington
City Bellevue
Job type Contract
Salary USD TBD TBD
Source Noralogic Inc
Showed 2021-04-09
Date 2021-04-09
Deadline 2021-06-08
Category Et cetera
Create resume

Security Engineer

Washington, Bellevue, 98004 Bellevue USA

Vacancy expired!

Hi, Looking for a Security Engineer for Bellevue, WA . If you are looking for a new position then please respond me back with your updated resume at Client Job Description Security Engineer Bellevue, WA Long term Contract Description: Client is looking for a talented Senior Application Penetration Tester with good hand's on experience in API and Web penetration testing. Responsibilities/Requirements: Hands-on experience in performing white box [Manual] security testing for Web Application using Kali Linux Functional API Testing with Postman, Newman and BlazeMeter At least two years of pen testing & software development At least three years hands-on technical security experience Must be familiar with the below Tool sets: o Fortify Web Inspect (Expertise: Advanced, must be able to automate where possible) o Nessus o Nmap o Veracode o Burp Suite o ZED attack proxy o SCAP o Threat Modeling (e.g. STRIDE) Must be very well versed with OWASP Top 10 vulnerabilities and must demonstrate to exploit such vulnerabilities in mobile, web and console applications. Deep experience working with XML and web services, including SOAP and REST. Thorough understanding of coding concepts such as: authentication mechanisms, data serialization. Thorough understanding of application architectures such as: n-tier, client and server/API, Postman, microservices, etc. Performs static/dynamic code testing, manual code inspection, threat modeling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects. Supports the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security. Provide subject matter expertise and mentorship on architecture, authentication and system security. Develops and implement manual and automated web application security testing of web applications to enforce security standards. Works with security product vendors and service providers to evaluate their security offerings. Understanding of both application and network layer security considerations and how to fix them such as: buffer overflow, ToC vs. ToU, input validation, encapsulation, insecure protocols, MITM attacks, SQLi, etc. Ability to work well both independently as well as within a team. Excellent verbal, written, and interpersonal communications skills. Ability to handle several tasks, be organized, make decisions, and work efficiently/effectively under deadlines. Qualifications Bachelor of Science with 3+ years of experience in cybersecurity CEH, CISSP/GIAC preferred Hall of Fame from Facebook, Google, Apple or any bug bounty programs Location: Bellevue Additional InformationWeb/API Pen Testing using Post Man, Burp suite and WIE, Automation of web application security testing, Linux/Unix scripting skills Regards, Gaurav Dhingra Lead Reccruiter +1. | https://www.linkedin.com/in/gauravishiring/ Noralogic | 109 E 17th St, Cheyenne WY 82001 USA: WY, MD, NJ Mexico: Guadalajara, Monterrey India: Noida UP WBE and MBE company ISO 9001:2015 WY Top 50 Minority owned growing company

Vacancy expired!

Subscribe Report job