- Expiry Date: 20 October 2022
- Referral: firstname.lastname@example.org
Keywords: Penetration, BURP, OWASP, Test
Notes from the Hiring Manager:
* Need senior resource who can lead team, 7+ years in security and Penetration Testing
* Should be experienced in all testing in mobile, web application testing
* Should have OWASP experience
* TOP 3 skills in resume: BURP Suite, Web Application & Mobile Testing, Penetration Testing, OWASP Top 10
* Java + scripting nice to have, not mandatory
* Hybrid role with 2 days/week in office (Candidate can decide which 2 days to work from office)
Collaborate with software development, system engineering and security architect peers to continually improve the security posture of applications and ensure the proper implementation of the security controls.
Innovate new application security testing methods and support team efforts to leverage tools and develop effective processes to automate the security test cases.
Serve as a Subject Matter Expert (SME) in web application security for organizational projects during the application development phase.
Provide guidance, support, testing and recommendations to ensure secure application release.
Configure, run and monitor automated security testing tools.
Perform manual validation of vulnerabilities.
Perform manual penetration testing of Web applications, Mobile applications, Thick clients and APIs.
Thoroughly document exploit chain/proof of concept scenarios for internal client consumption.
A degree or certificate in management information systems, cyber security, mathematics, computer science or related field or 10+ years of relevant information security experience.
Experience in security testing web applications, API and mobile platforms manually.
Familiarity with vulnerability assessment, remediation and penetration testing best practices.
Experience using Burp Suite and its extensions in penetration testing.
Development experience, working knowledge of Java. Excellent analytical and debugging skills.
Excellent communication skills.
Skill Desired (Nice to have):
Have or desire to obtain one or more security-related certifications such as Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE), and Offensive Security Certified Professional (OSCP).
Experience with Linux operating systems.
Experience with Mobile application programming.
Experience with Web application technologies
Experience with Source code analysis software
Experience with Cloud Security (Azure/AWS Security Controls)
Experience with Scripting languages (preferably Python)
Diversity Inclusion and Social Responsibility
About ASK: ASK Consulting is an award-winning technology and professional services recruiting firm servicing Fortune 500 organizations nationally. With 5 nationwide offices, two global delivery centers, and employees in 42 states, ASK Consulting connects people with amazing opportunities.
ASK Consulting is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all associates.