Application Penetration testers /Dynamic Application Security Testing (DAST)

pplication Penetration testers /Dynamic Application Security Testing (DAST) San Francisco CA or New York City, NY or Charlotte NC or Irving TX or Chandler AZ or Minneapolis MN (Hybrid 3-5 days onsite) 12+ Months Web cam Interview $55-$60/Hr on W2 NOT:

• Manager mentioned he has read many resumes the past 2 weeks However many of the candidates submitted were not true application penetration testers.
• He saw many who would classify as a QA analyst by their job classification.
• He saw many others where they worked with third parties who did pen tests, but they never did tests themselves.
• He is also seeing a lot of people who run vulnerability scans, however this is not Dynamic Application Security Testing (DAST).

Description:

• In this contingent resource assignment, you may: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale planning related to Information Security Engineering deliverables.
• Review and analyze moderately complex Information Security Engineering challenges that require an in-depth evaluation of variable factors.
• Contribute to the resolution of moderately complex issues and consult with others to meet Information Security Engineering deliverables while leveraging solid understanding of the function policies procedures and compliance requirements.
• Collaborate with client personnel in Information Security Engineering.

Required Qualifications:

• 4 years of Information Security Engineering experience or equivalent demonstrated through one or a combination of the following: work or consulting experience training military experience education.

Skills: The Senior Information Security Engineer will:

• Conduct Dynamic Application Security Testing (DAST) through manual testing and by using automated testing tools
• Review test results from tools
• Ensure that DAST tests are completed successfully
• Identify and remove any false positives from automated testing tool reports
• Triage & Disposition results and enforce a Bug Bar
• Verify/validate defect fixes
• Provide application security consulting SME Support to developers
• ssist developers with understanding of security defects and risk
• ssist in defining acceptable solution to fix defects
• Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
• Develop and review malicious use cases/threat models
• Maintain a broad understanding of security technologies and products

Requirements:

• 5 years of information security applications and systems experience
• 3 years of DAST Dynamic Application Security Testing experience
• 3 years of automated information security penetration tools experience
• Penetration testing certification such us GPEN GXPEN GWAPT or OSCP

Apply tot his job Apply To this Job