ShiftCode Analytics
Systems Engineer -Web Application Penetration Tester: Vanguard Group
ShiftCode Analytics, Dallas, Texas, United States, 75215
This will be HYBRID (3 days week), expected to be in the office on Tuesday/Weds/Thursday and remote the other two days.
Duration : 12 months
NEED DOB ( MM/DD)
NEED SSN ( LAST 4 DIGITS )
NEED LINKEDIN
NO VIOP OR GOOGLE VOICE NUMBERS PLEASE
NEED DL COPY
Must haves: * 5-8 years experience they need senior hands on pentester * Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON). * Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities. * Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws. * Experience developing actionable intelligence based on open source intelligence (OSINT) gathering. * Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc. * Solid understanding of OWASP testing methodology. * 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP). * Web application development or source code review experience. * Strong knowledge of Windows and Linux operating systems. * Working knowledge of containerized applications and container-based security controls and configurations. * Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)
Must haves: * 5-8 years experience they need senior hands on pentester * Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON). * Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities. * Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws. * Experience developing actionable intelligence based on open source intelligence (OSINT) gathering. * Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc. * Solid understanding of OWASP testing methodology. * 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP). * Web application development or source code review experience. * Strong knowledge of Windows and Linux operating systems. * Working knowledge of containerized applications and container-based security controls and configurations. * Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)