Csznet, Inc
Washington, DC
Post Resume to
View Contact Details &
Apply for Job
Job Description :
OCTO's Citywide Security team is looking for an application and server vulnerability engineer for its team.
We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments of web applications, mobile applications, and servers, including penetration testing and vulnerability assessment. The successful candidate will have a strong understanding of security vulnerabilities and threats, as well as experience in remediation techniques.
This is a Hybrid role and requires the candidate to be on-site 3 days a week.
Key Responsibilities:
Conduct vulnerability assessments of web applications, mobile applications, and servers using both manual and automated tools.
Perform penetration testing to identify potential weaknesses and vulnerabilities.
Analyze security vulnerabilities and develop remediation plans.
Work with development teams to ensure the implementation of security best practices.
Stay current with emerging security threats, vulnerabilities, and industry trends.
Produce reports outlining findings and recommended remediation steps.
Communicate security risks and solutions to both technical and non-technical stakeholders.
Requirements:
Bachelor's degree in computer science, Information Security, or related field.
At least 3 years of experience in application and server vulnerability assessment.
Experience with vulnerability scanning tools such as Nessus, Qualys, or OpenVAS.
Experience with web application security testing tools such as Metasploit, Burp Suite, or Kali Linux.
Knowledge of OWASP Top 10 and CWE/SANS Top 25.
Experience with programming languages such as Python, Ruby, or Perl.
Strong understanding of security vulnerabilities and remediation techniques.
Excellent written and verbal communication skills.
Ability to work independently or in a team environment.
Willingness to work on-site 3 days a week.
Responsibilities:
1. Expertise in implementing, administrating and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus, network traffic analyzers and malware analysis tools.
2. Utilizes advanced experience with scripting and tool automation such as Perl, PowerShell, Regex.
3. Develops, leads, and executes information security incident response plans.
4. Develops standard and complex IT solutions & services, driven by business requirements and industry standards.
5. May also leverage dynamic and static code assessment tools to measure vulnerability of applications throughout the SDLC.
Minimum Education/Certification Requirements:
BS Degree in IT, Cybersecurity, or Engineering, or equivalent experience
Skill Required /Desired Amount of Experience Candidate Experience
1-5 yrs. implementing, administering, and operating IS tech such as firewalls, IDS/IPS, SIEM, Antivirus, net traffic analyzers, and malware analysis Required 0
1-5 yrs. utilizing advanced experience with scripting and tool automation such as Perl, PowerShell, Regex Required 0
1-5 yrs. developing, leading, and executing information security incident response plans Required 0
1-5 yrs. developing standard and complex IT solutions & services, driven by business requirements and industry standards Required 0
BS Degree in IT, Cybersecurity, Engineering, or equivalent experience Required 0

             

Similar Jobs you may be interested in ..