Job Description :
Education and Experience

Bachelor''s degree and at least 5 years of experience in manually testing web applications and enterprise penetration
testing

Experience with scripting languages (e.g. perl, python, PHP, ruby) and programming languages (e.g. JAVA, Objective
C)

Ability to explain networking concepts (routing, ACL, load balancers, SSL/TLS, TCP) in order to provide application
architecture feedback to clients

Background in web application development and/or code auditing strongly preferred


Strong verbal & written communication skills

Passion for discovering and researching new vulnerabilities and exploitation techniques

Vulnerability and threat management experience

Experience with various security tools and products (AppScan, Nessus, Wireshark, Burp Suite, HP Web Inspect)

Good understanding of the components of a secure DLC/SDLC

Vulnerability analysis and application reversing skills

Understanding of cryptography principles

Job Description

Perform application and infrastructure penetration tests, as well as physical security review and social engineering
tests for clients

Perform security reviews of application designs, source code and deployments as required; covering all types of
applications (web application, web services, thick client applications)

Review and define requirements for information security improvements

Work on improvements for provided security services, including the continuous enhancement of existing testing
methodologies, materials and supporting assets

Conduct architecture security reviews, application testing, internal vulnerability assessments and external penetration
testing modeled after real world attackers (i.e., exploit and pivot)

Conduct security architecture reviews of the full stack including applications built on cloud and emerging technologies

Conduct manual application security testing and source code auditing for a variety of technologies.