Job Description:
Penetration Tester
Bellevue, WA
Long term
Experience:
Extensive experience developing in Java, Python, JavaScript (i.e. NodeJS, AngularJS), TypeScript variants (i.e. Angular 2+), and common scripting languages (i.e. Bash
Deep experience working with XML and web services, including SOAP and REST.
Thorough understanding of coding concepts such as: authentication mechanisms, data serialization.
Thorough understanding of application architectures such as: n-tier, client and server/API, Postman, microservices, etc.
Performs static/dynamic code testing, manual code inspection, threat modelling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
Supports the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security.
Provides subject matter expertise and mentorship on architecture, authentication and system security.
Develops and implements manual and automated security testing of web applications to enforce security standards.
Functional API Testing with Postman, Newman and BlazeMeter
Works with security product vendors and service providers to evaluate their security offerings.
Must be familiar with the below Tool sets:
Fortify WebInspect (Expertise: Advanced, must be able to automate where possible)
Nessus
Nmap
Veracode
Burp Suite
Zed Attack Proxy
SCAP
Threat Modeling (e.g. STRIDE)
Must be very well versed in the OWASP Top 10 vulnerabilities and must be able to demonstrate exploitation of such vulnerabilities in mobile, web and console applications.
Understanding of both application and network layer security considerations and how to fix them, such as: buffer overflow, time-of-check vs. time-of-use (TOCTOU), input validation, encapsulation, insecure protocols, MITM attacks, SQLi, etc.
Ability to work well both independently as well as within a team.
Excellent verbal, written, and interpersonal communication skills.
Ability to handle several tasks, be organized, make decisions, and work efficiently/effectively under deadlines.
             
