Job Description :
Job description:
This position’s primary responsibility is to coordinate, work with application/development customers, and vendors to detect, analyze and assist in remediation activities with Client Web Applications.
Additional responsibilities include:
Trains and supports staff to ensure familiarity with new products and procedures.
Answers inbound support calls to assist customers with information technology related issues.
Participates in the development of internal data management plans and coordinates plans and activities with personnel of other agencies to avoid duplication of efforts, share information, and maximize system efficiency.
Participates in the planning, implementation, and management of special projects to develop project management skills and provide assistance in achieving agency information systems objectives.
Researches, analyzes, recommends, installs, and configures hardware, software, and networks for PC’s/servers with multi-user operating and/or networking systems to establish and maintain agency information systems.
Work Effort Breakdown:
20%: Provide analysis of penetration of vulnerability testing
10%: Provide defense against hacking and attacks on SOM systems
50%: Perform static and automatic testing of Web Application
20%: Coordinate remediation efforts with internal and external customers
Required knowledge/skills/abilities:
Knowledge of Web Vulnerability/Risk assessment processes
Knowledge of OWASP top 10 vulnerabilities
Understanding of Web Application security principles around the availability, confidentiality and integrity of data
Experience using automated Web application security test software
Knowledge of complex multi-user network systems.
Knowledge of complex software applications on PC''s, servers, and networks.
Knowledge of operating systems on PC''s and servers.
Knowledge of Ethernet networking, IP addressing and TCP/IP.
Knowledge of proper computer system data security/backup procedures.
Knowledge of basic supervisory techniques.
Ability to troubleshoot and solve complex technical computer problems.
Ability to communicate effectively, write clearly, and present security concepts to non-technical audiences.
Ability to perform research and make recommendations to management on technical computer issues.
Ability to detect and determine potentially serious security hazards on the network
Ability to develop and manage user-oriented computing activities.
Ability to develop and coordinate training programs.
Ability to train personnel in all phases of computer utilization and application.
Ability to perform work requiring lifting and/or physical exertion may be required.
Ability to document, author, and produce written test plans, test reports, operating instructions, standard operating procedures, and technical documentation.
Required systems experience:
Windows; Intermediate
UNIX/LINUX; Intermediate
Java; Beginner
PHP; Beginner
HTML; Intermediate
Manual Testing; Beginner
ATE; Beginner
JIRA; Beginner
AppScan or similar automated Web Security Testing tool