*Penetration Tester II* *Scottsdale, Arizona*
*Open, 6+Mts* Job Description *Essential Functions * - Works as an individual contributor for smaller efforts and as part of a team for larger efforts. - Conduct internal and external network penetration tests. - Conduct internal and external graphical user interface web application penetration tests. - Conduct internal and external web services application penetration tests. - Conduct wireless network penetration tests. - Responsible for writing and reviewing formal penetration test reports documenting the details of a penetration test and all vulnerabilities, potential issues, and strengths found during the test. - Responsible for submitting tickets for remediation of vulnerabilities and potential issues found during penetration tests. - Work with Security Architects and Security Engineers to gather information and conduct penetration tests. - Review and process static source code vulnerability analysis reports for developed applications as directed. - Evaluate commercial and open source tools to be used for the purposes of penetration testing. - Maintain demonstrable knowledge of current vulnerability exploitation techniques. - Strong understanding of TCP/IP. - Mentor junior Penetration Testers as needed. - Complies with all security policies and procedures, to ensure that the highest level of system and data confidentiality, integrity and availability is maintained Required Experience *Minimum Qualifications* - Education or experience equivalent to a Bachelor’s degree in Computer Science, Computer Information Systems, Information Security, Engineering, Math or Physical Science, or related field. - Strong understanding of offensive and defensive security, including offensive evasion and defensive detection techniques. - 4 years of general security penetration test experience. - 4 years of general IT or information security experience. - Working knowledge of communication network technologies. - Working understanding of Active Directory, Exchange, and SharePoint. - Advanced working understanding of penetration test and security assessment procedures. - Advanced working understanding of information gathering techniques and processes. - Advanced working understanding of web application technologies such as programming languages (AJAX, PHP, Perl, SOAP-based web services, Java, JavaScript, C# and/or .Net, ASP), web servers, application servers, web services, web browse technologies, common vulnerabilities, security best practices, automated testing tools, manual testing tools, - Perl, Python, shell, VB or other scripting language skills required. - Advanced working knowledge of relational databases. - Comfortable using, configuring, troubleshooting, and administering UNIX, Linux, Mac OSX, and Windows operating systems. - Experience using the Backtrack/Kali Linux suite of penetration test tools. - Have a broad advanced understanding of various commercial, open source, and freeware penetration test tools. - Proficient using proxies for web application penetration tests. - Proficient using fuzzing techniques for all types of penetration tests. - Expert knowledge of Open Web Application Security Project (OWASP) Top 10 Vulnerabilities and testing procedures. - Ability to work independently and within a team environment. - Effective interpersonal skills. - Must demonstrate advanced stages of Pwniephobia – The fear of one’s computer or mobile device being compromised by crafty attackers either through loss of control or ninja like social engineering. A fear commonly brought on by the embarrassment of a previous compromise. Usually in the presence of co-workers, peers, or persons whom impressions of poor information security practices are heavily weighed. - Ability to present to peers, coworkers, and customers. - Experience in analyzing risk associated with security vulnerabilities required. - Strong writing skills. - Approved background and drug screen is required *Preferred Qualifications* - Application Development background - Social Engineering experience - Certified Ethical Hacker (CEH) or equivalent certification - Certified Penetration Tester (CPT) or equivalent certification - Additional related education and/or experience preferred *Regards,* *Rahman, * *Sr Resource Recruiter* *[email protected] <[email protected]>* *703 246 1849* -- You received this message because you are subscribed to the Google Groups "SAP ABAP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sap-abap. For more options, visit https://groups.google.com/d/optout.
