Company:
Syntricate Technologies Inc
Location: San Francisco
Closing Date: 24/11/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description
Application Penetration testers /Dynamic Application Security Testing (DAST)
San Francisco CA or New York City, NY or Charlotte NC or Irving TX or Chandler AZ or Minneapolis MN (Hybrid 3-5 days onsite)
12+ Months
Web cam Interview
$55-$60/Hr on W2
NOT:
Manager mentioned he has read many resumes the past 2 weeks However many of the candidates submitted were not true application penetration testers.
He saw many who would classify as a QA analyst by their job classification.
He saw many others where they worked with third parties who did pen tests, but they never did tests themselves.
He is also seeing a lot of people who run vulnerability scans, however this is not Dynamic Application Security Testing (DAST).
Description:
In this contingent resource assignment, you may: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale planning related to Information Security Engineering deliverables.
Review and analyze moderately complex Information Security Engineering challenges that require an in-depth evaluation of variable factors.
Contribute to the resolution of moderately complex issues and consult with others to meet Information Security Engineering deliverables while leveraging solid understanding of the function policies procedures and compliance requirements.
Collaborate with client personnel in Information Security Engineering.
Required Qualifications:
4 years of Information Security Engineering experience or equivalent demonstrated through one or a combination of the following: work or consulting experience training military experience education.
Skills:
The Senior Information Security Engineer will:
Conduct Dynamic Application Security Testing (DAST) through manual testing and by using automated testing tools
Review test results from tools
Ensure that DAST tests are completed successfully
Identify and remove any false positives from automated testing tool reports
Triage & Disposition results and enforce a Bug Bar
Verify/validate defect fixes
Provide application security consulting SME Support to developers
Assist developers with understanding of security defects and risk
Assist in defining acceptable solution to fix defects
Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
Develop and review malicious use cases/threat models
Maintain a broad understanding of security technologies and products
Requirements:
5 years of information security applications and systems experience
3 years of DAST Dynamic Application Security Testing experience
3 years of automated information security penetration tools experience
Penetration testing certification such us GPEN GXPEN GWAPT or OSCP
San Francisco CA or New York City, NY or Charlotte NC or Irving TX or Chandler AZ or Minneapolis MN (Hybrid 3-5 days onsite)
12+ Months
Web cam Interview
$55-$60/Hr on W2
NOT:
Manager mentioned he has read many resumes the past 2 weeks However many of the candidates submitted were not true application penetration testers.
He saw many who would classify as a QA analyst by their job classification.
He saw many others where they worked with third parties who did pen tests, but they never did tests themselves.
He is also seeing a lot of people who run vulnerability scans, however this is not Dynamic Application Security Testing (DAST).
Description:
In this contingent resource assignment, you may: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale planning related to Information Security Engineering deliverables.
Review and analyze moderately complex Information Security Engineering challenges that require an in-depth evaluation of variable factors.
Contribute to the resolution of moderately complex issues and consult with others to meet Information Security Engineering deliverables while leveraging solid understanding of the function policies procedures and compliance requirements.
Collaborate with client personnel in Information Security Engineering.
Required Qualifications:
4 years of Information Security Engineering experience or equivalent demonstrated through one or a combination of the following: work or consulting experience training military experience education.
Skills:
The Senior Information Security Engineer will:
Conduct Dynamic Application Security Testing (DAST) through manual testing and by using automated testing tools
Review test results from tools
Ensure that DAST tests are completed successfully
Identify and remove any false positives from automated testing tool reports
Triage & Disposition results and enforce a Bug Bar
Verify/validate defect fixes
Provide application security consulting SME Support to developers
Assist developers with understanding of security defects and risk
Assist in defining acceptable solution to fix defects
Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
Develop and review malicious use cases/threat models
Maintain a broad understanding of security technologies and products
Requirements:
5 years of information security applications and systems experience
3 years of DAST Dynamic Application Security Testing experience
3 years of automated information security penetration tools experience
Penetration testing certification such us GPEN GXPEN GWAPT or OSCP
Share this job
Useful Links