Job Description :
Hi,
Kindly find mentioned JD.
Position : Penetration Tester
Location : Multiple (Charlotte, Winston Salem, NC, Minneapolis, San Francisco, or Chandler, AZ
Duration : 6+ Months
Interview : Phone and Skype
Need on W2
No OPT’s
I have many slots for penetration testers. They can sit in Charlotte, Winston Salem, NC, Minneapolis, San Francisco, or Chandler, AZ. The job description is below. They must know how to do dynamic application security testing.
Description/Comment: Enterprise Information Security within Wells Fargo is seeking an Info Security Engineer to support application security for Wells Fargo. In this role, the initial function will be to perform Dynamic Application Security Testing (DAST) retests to determine if remediation of previously identified vulnerabilities in applications was successful. Later, you will work with software development partners to identify and mitigate the security vulnerabilities in applications through Dynamic Application Security Testing (DAST) of applications. Communication with the business security team, information security consultants (ISCs), operation risk consultants (ORCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo.
The Info Security Engineer will:
Conduct dynamic application security testing using both manual and automated testing tools.
Review test results from tools
Ensure that automated tests are completed successfully
Configure tools as required to be successful in evaluating applications
Identify and remove any false positives from automated testing tool reports
Triage & Disposition results and enforce a Bug Bar
Verify/validate defect fixes
Provide application security consulting SME Support to developers
Assist developers with understanding of security defects and risk
Assist in defining acceptable solution to fix defects
Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes
Help maintain Security Coding Standards and Bug Bar as required
Assist in the Development of standards as required
Provide training
Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
Develop and review malicious use cases/threat models
Maintain a broad understanding of security technologies and products
Actively participate on improving the security culture and education throughout the organization
REQUIRED QUALIFICATIONS
7+ years of experience in security applications and systems
5+ years of DAST (Dynamic Application Security Testing) experience
Minimum of 5 years of demonstrated experience with automated penetration tools
Minimum of 5 years of demonstrated experience with manual penetration testing tools
Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization
DESIRED QUALIFICATIONS
Advanced Information Security technical skills
Ability to manage complex issues and develop solutions
Excellent verbal and written communication skills
Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment
Strong analytical skills with high attention to detail and accuracy
Knowledge and understanding of information security industry standards and government regulations
Ability to manage multiple and competing priorities
Ability to work with limited supervision
Ability to take on a high level of responsibility, initiative, and accountability
Good attention to detail and accuracy skills
Strong collaboration and partnering skills
Demonstrated experience developing and reviewing malicious use cases/threat modelsJOB
Additional Job Details:
Candidate will be required to work onsite at certain facilities in these cities: MN-Minneapolis; AZ-Chandler; NC-Charlotte; NC-Winston Salem; CA - San Francisco