Job Description :
new position 05/16 - SME_WAT_654

Client: State of ME - Direct

Rate: $40/hr on C2C

Job Title: Web Application Security Tester

Location: Augusta, ME

Duration: 6 Months

Position Type: Contract

Interview Type: Phone or In-Person

Required Skills:

* Windows; Intermediate
* UNIX/LINUX; Intermediate
* Java; Beginner
* PHP; Beginner
* HTML; Intermediate
* Manual Testing; Beginner
* ATE; Beginner
* JIRA; Beginner
* AppScan or similar automated Web Security Testing tool

Job Description:

This position''s primary responsibility is to coordinate, work with applicat=
ion/development customers, and vendors to detect, analyze and assist in rem=
ediation activities with Client Web Applications.

Additional responsibilities include:

* Trains and supports staff to ensure familiarity with new prod=
ucts and procedures.
* Answers inbound support calls to assist customers with inform=
ation technology related issues.
* Participates in the development of internal data management p=
lans and coordinates plans and activities with personnel of other agencies =
to avoid duplication of efforts, share information, and maximize system eff=
* Participates in the planning, implementation, and management =
of special projects to develop project management skills and provide assist=
ance in achieving agency information systems objectives.
* Researches, analyzes, recommends, installs, and configures ha=
rdware, software, and networks for PC''s/servers with multi-user operating a=
nd/or networking systems to establish and maintain agency information syste=

Work Effort Breakdown:

* 20%: Provide analysis of penetration of vulnerability testing
* 10%: Provide defense against hacking and attacks on SOM syste=
* 50%: Perform static and automatic testing of Web Application
* 20%: Coordinate remediation efforts with internal and externa=
l customers


* Knowledge of Web Vulnerability/Risk assessment processes
* Knowledge of OWASP top 10 vulnerabilities
* Understanding of Web Application security principles around t=
he availability, confidentiality and integrity of data
* Experience using automated Web application security test soft=
* Knowledge of complex multi-user network systems.
* Knowledge of complex software applications on PC''s, servers, =
and networks.
* Knowledge of operating systems on PC''s and servers.
* Knowledge of Ethernet networking, IP addressing and TCP/IP.
* Knowledge of proper computer system data security/backup proc=
* Knowledge of basic supervisory techniques.
* Ability to troubleshoot and solve complex technical computer =
* Ability to communicate effectively, write clearly, and presen=
t security concepts to non-technical audiences.
* Ability to perform research and make recommendations to manag=
ement on technical computer issues.
* Ability to detect and determine potentially serious security =
hazards on the network
* Ability to develop and manage user-oriented computing activit=
* Ability to develop and coordinate training programs.
* Ability to train personnel in all phases of computer utilizat=
ion and application.
* Ability to perform work requiring lifting and/or physical exe=
rtion may be required.
* Ability to document, author, and produce written test plans, =
test reports, operating instructions, standard operating procedures, and te=
chnical documentation.