Information Security Engineer
Omaha, NE 68198
Date: Mar-16-18
2018-03-16
2019-03-16
Work Authorization: US Citizen, GC, H1B, EAD (OPT/CPT/GC/H4)
Preferred Employment: Corp-Corp, W2-Permanent, W2-Contract, 1099-Contract, Contract to Hire
Job Details
Experience: Architect, Senior
Rate/Salary ($): Open
Duration:
Sp. Area: Others
Sp. Skills: Others
Permanent Direct Hire
FULL_TIME
Direct Client Requirement
Required Skills: web application, XSS, CSRF, clickjacking, Burp Suite, OWASP ZAP and Fiddler
Preferred Skills: .Net (ASP.Net / C#), JavaScript, AngularJS, SQL Server, PostgreSQL
Domain: IT/Software, Financial
ReligStaffing Inc
Dover, DE
Job Description:
Deep knowledge of common web application vulnerabilities identified under OWASP Top 10 (e.g. XSS, CSRF, clickjacking) and their mitigation strategies
Minimum 5 years of hands-on software developer experience and should be able to read and write code.
Knowledge of:
o Dynamic Scanning
    Evaluating external Pen Testing results – ensure results are mitigated within expected turnaround time based on risk level of items
    Using tools like Burp Suite, OWASP ZAP and Fiddler to perform internal Pen Testing, verify the resolution of previously reported items and to proactively identify issues earlier in the SDLC process
    Using tools like Veracode and Whitehat for dynamic scanning and working with the team to educate them on best practices to resolve reported findings
o Static Scanning
    Using tools like Veracode and HP Fortify at the point of software builds
    Using tools like Dependency Checker to identify all dependencies and any CWEs (Common Weakness Enumeration)
Ensure secure coding standards are in place – educate team on standards and best practices – continue to grow standards over time
Ensure code reviews are in place and happening at the level we expect
Related Technologies:
.Net (ASP.Net / C#)
JavaScript
AngularJS
SQL Server / Postgresql
System security vulnerabilities and remediation techniques.
Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Security across multiple disciplines (data, database, operating system
Work with DEV and QA teams to ensure application security principles are enforced in various stages of SDLC process.
Experience working in a security capacity with development team(s) that deliver a software-based service.
Strong understanding of threat modeling and security methodologies
Familiar with protocol analysis and cryptography.
Any security-related certification such as CISSP, CSSLP, CEH, GIAC preferred.