InterSources
Penetration Tester
InterSources, Irvine, California, United States, 92713
Title: Penetration Tester (Last date: Oct 18, 2022)Location: ustin, TXDuration: Long term contract
Skills: Security Testing, Web Application security, Penetration testing (At least one year experience)
What We're Looking For
Analytical thinking, and motivated to learn new things.Experience manually testing complex web applications.Experience with a scripting language (e.g. perl, python, PHP, ruby) and a programming language (e.g. JAVA, JavaScript, Go).Proficiency in either Mac OS X and/or other flavors of UNIX.Background in web application development and/or code auditing preferred.Strong verbal & written communication skills.Passion for discovering and researching new vulnerabilities and exploitation techniques.Experience in performing Threat Models and/or security architecture reviews.Experience in securing Cloud environments (such as AWS).Preferred: Experience participating in CTFs, or security research/bug bounties.
Day to Day Responsibilities
This security engineer role will involve working closing with engineering teams to implement a secure development lifecycle. Day to day responsibilities include:
Conduct security architecture reviews of the full stack including applications built on cloud and emerging technologies.Conduct manual application security testing and source code auditing for a variety of technologies.Work closely with engineering teams to provide security guidance to engineers.Create proof of concepts to demonstrate impact to engineering teams.Create automations and/or security tooling to scale security testing.
Education
Preferred: BS in Computer Science or Computer SecurityPreferred: OSCP certification
Skills: Security Testing, Web Application security, Penetration testing (At least one year experience)
What We're Looking For
Analytical thinking, and motivated to learn new things.Experience manually testing complex web applications.Experience with a scripting language (e.g. perl, python, PHP, ruby) and a programming language (e.g. JAVA, JavaScript, Go).Proficiency in either Mac OS X and/or other flavors of UNIX.Background in web application development and/or code auditing preferred.Strong verbal & written communication skills.Passion for discovering and researching new vulnerabilities and exploitation techniques.Experience in performing Threat Models and/or security architecture reviews.Experience in securing Cloud environments (such as AWS).Preferred: Experience participating in CTFs, or security research/bug bounties.
Day to Day Responsibilities
This security engineer role will involve working closing with engineering teams to implement a secure development lifecycle. Day to day responsibilities include:
Conduct security architecture reviews of the full stack including applications built on cloud and emerging technologies.Conduct manual application security testing and source code auditing for a variety of technologies.Work closely with engineering teams to provide security guidance to engineers.Create proof of concepts to demonstrate impact to engineering teams.Create automations and/or security tooling to scale security testing.
Education
Preferred: BS in Computer Science or Computer SecurityPreferred: OSCP certification