ShiftCode Analytics
Systems Engineer -Web Application Penetration Tester: Vanguard Group
ShiftCode Analytics, Dallas, Texas, United States, 75215
This will be HYBRID (3 days week), expected to be in the office on Tuesday/Weds/Thursday and remote the other two days.Duration : 12 monthsNEED DOB ( MM/DD)NEED SSN ( LAST 4 DIGITS )NEED LINKEDINNO VIOP OR GOOGLE VOICE NUMBERS PLEASENEED DL COPY
Must haves:* 5-8 years experiencethey need senior hands on pentester* Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON).* Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.* Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.* Experience developing actionable intelligence based on open source intelligence (OSINT) gathering.* Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc.* Solid understanding of OWASP testing methodology.* 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP).* Web application development or source code review experience.* Strong knowledge of Windows and Linux operating systems.* Working knowledge of containerized applications and container-based security controls and configurations.* Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)
Must haves:* 5-8 years experiencethey need senior hands on pentester* Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON).* Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.* Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.* Experience developing actionable intelligence based on open source intelligence (OSINT) gathering.* Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc.* Solid understanding of OWASP testing methodology.* 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP).* Web application development or source code review experience.* Strong knowledge of Windows and Linux operating systems.* Working knowledge of containerized applications and container-based security controls and configurations.* Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)