NEED GC/GC EAD/USC ONLY
Senior Ethical Hacker / Penetration Tester
Location: Keller, TX
Duration: 2 year contracting opportunity
The Senior Ethical Hacker / Penetration Tester This individual will be performing penetration testing or vulnerability assessment of web application, network, wireless, code review and firewall on multi-protocol enterprise systems. This resource must have technical acumen. This resource will be a key figure in monthly software releases for the client, semiannual complete regression testing of the entire platform, as well as other testing needs that may be arise.
Duties and Responsibilities
- Independence: self-managed and motivated. High energy, results driven person with strong interpersonal skills
- Team oriented
- Project Management: Takes responsibility for satisfaction of assigned project
- Effective at speaking and collaborating with others
- Effective at Technical writing and conducting vulnerability research
- Effective at scoping a client's testing effort
- Good communicator to a technical audience.
- Good understanding QA Methodology
- Excellent communication skills and the ability to interface with more senior co-workers and leadership with confidence and clarity
- Education and Training
- Bachelor's Degree in Information Technology/Computer Science or 5 years IT experience
- Any of the following certifications: CISSP, GIAC, CEH certifications
Required Skills
- Strong web application penetration testing experience
- Experience in vulnerability identification and remediation
- Knowledge of the software development lifecycle in a large enterprise environment
- Programming background (C++, Perl, Python, Shell ) for tool and exploit development
- Operating Systems: Windows, Linux, HP-UX, Solaris, AIX, etc.
- Web Servers: IIS, Apache, Lotus Domino, Sun Java System, TC Server
- Middleware software: Oracle's WebLogic, IBM's WebSphere, Apache Tomcat
- In-depth knowledge of any proxying tools such as Paros, Burp, WebScarab, Achilles "fault injection"
- Experience with any of the following commercial application scanning tools: IBM's AppScan, HP's WebInspect, HP's Fortify, NTOSpider, Cenzic's Hailstorm
- Commercial database software like Application Security Inc.'s AppDetective
- Experience with any open source tools such as Whisker or Nikto
- WebServices technologies such as XML, SOAP, AJAX
- Networking tools such as Nessus, nmap, Retina netcat
- Understanding of various web application architectures
- Understanding of server and client side application development
- Physical and logical security audits
- Logical protocol and network traffic audits
- Client/Server exposure (i.e. Java, JSP, Servlet, Linux, UNIX, SQL).
- Mainframe exposure (i.e. COBOL, JCL, IDMS/ADSO, CICS).
- Database exposure (i.e. SQL Server, DB2).
- Automation Testing Tool / frameworks exposure
Desired Skills
- Experience with performing code review, wireless and firewall assessments
- Solid network penetration testing experience
- Technical knowledge in network security products, cryptographic suites and network/application firewalls
- Experience with mobile application and operating system testing
- Experience in evasion techniques to bypass firewalls and intrusion detection
Thanks & Regards,
Divya
Sr. Resourcing Specialist
IDC Technologies, Inc.
1851 McCarthy Boulevard, Suite 116, Milpitas, CA - 95035
Phone : 408-868-5125
Fax : 408-608-6088
Email: divya.r@idctechnologies.com
Website: www.idctechnologies.com
You received this message because you are subscribed to the Google Groups "CVMSCRM" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cvmscrm+unsubscribe@googlegroups.com.
To post to this group, send email to cvmscrm@googlegroups.com.
Visit this group at https://groups.google.com/group/cvmscrm.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment