*Title: Security Consultant/ Application Vulnerability ManagerDuration: 6-12+ Month Contract (Likely Extended)Location: Boston, MA *
Job Responsibilities: The desired talent will be expected to perform technical testing, provide project application development teams with consulting about the results, and retesting of remediated vulnerabilities. The following types of testing will be performed, depending on the needs of the project: Static Source code security analysis Dynamic Web-application scanning Threat Modeling Application Security Reviews Any discovered vulnerabilities would be documented, and necessary remediation plans developed with the application development team. Qualifications: • 5+ years hands-on application security and vulnerability management experience • Experience with IBM App Scan • Plan, develop and execute scans for source code analysis and web-based vulnerability assessments • Identify and resolve false positive findings in assessments • Generate vulnerability assessment reports • Recommend security controls and/or corrective actions for mitigating technical risk • Contribute to and/or validate the security of systems design/architecture • Experience with HIPAA, NIST 800-53, and Sarbanes Oxley regulations • Must have excellent written and verbal communications skills, including an ability to communicate very technical findings to both technical and non-technical audiences, including project managers, systems engineers, developers, and enterprise architects. • Industry certifications, such as CISSP, OSCP, OSCE, CEH, and GPEN, are a plus David Bell Technical Recruiter Consulting Knights Inc. 100 Overlook Center 2nd Floor, Princeton, NJ 08540. Direct:201-252-7254 || Fax: (609) 228-5321 [email protected] www.consultingknights.com -- You received this message because you are subscribed to the Google Groups "Open Source J2EE frameworks" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/open-source-j2ee-frameworks. For more options, visit https://groups.google.com/d/optout.
