Are you a programmer that likes security? Are you a talented developer who knows: Java, Python, Ruby and other languages? Are you passionate about web application security, penetration testing, and finding vulnerabilities? Have you have completed academic projects that were security focused? Have you contributed to any open source projects? If so, we have the perfect opportunity for you. In this position, you will learn what it takes to become a skilled hacker and have opportunities to advance into a more senior Security Engineer role.
Responsibilities May Include (but not limited to)
- Responsible for web application penetration testing and automated vulnerability assessments.
- Work with senior architects to develop appropriate remediation strategies.
- Responsible for managing the vulnerability remediation lifecycle.
- Assisting with planning, developing, and executing web application security standards.
- Assisting with validating that web application security standards are being met.
- Work with 3rd party penetration testers.
- Shared responsibilities will include working with various infrastructure tools such as: IPS, WAF, FIM, SIEM and general incident response.
Preferred Technical Experience
- Knowledge of modern web attack methods such as: XSS, SQLi, and OWASP Top 10.
- Knowledge of various security tools and can effectively use them, e.g. BurpSuite.
- Excellent programming or scripting skills. (Perl, Java(script), Python, Ruby, etc)
- Passionate about security and willing to learn new things quickly.
- Creative, problem-solving, thinking, “outside of the box” mentality.
- An understanding of how to fix web application security issues.
Skills, Knowledge & Abilities
- Must possess excellent written and verbal communication skills.
- Must possess strong analytical capabilities and have a desire to learn new things.
- Experience working with complex, sophisticated environments.
- Comfortable performing multifaceted projects in conjunction with day-to-day activities.
- Resourceful and Well Organized.
- Willingness to provide feedback in challenging situations.
Education and Experience
- Bachelor's degree preferred, preferably in computer science or information systems or equivalent work experience.
- Security certifications a plus
- Experience and or knowledge in information assurance, information security, technical analysis, or a combination thereof.
- Hands-on results from school or open source projects are preferred