Position Details:
Job Title: Jr.Penetration Tester
Location: Augusta, ME 04333
Duration: 12+ Months (Strong possibility for an extension)
Project Name: Web Application Security
•This project is supporting deployment certification.
Job Description:
•Contractors primary responsibility is to work with application/development customers, and vendors to detect, analyze and assist in security remediation activities with Client Web Applications. The candidate should also have a basic understanding of security principles around the availability, confidentiality and integrity of data.
Representative Tasks:
•Runs Web application vulnerability software to detect security issues in web applications.
•Analyzes output of web application test scans to determine valid security issues.
•Meets with internal/external customers to analyze outputs from web application scans.
•Recommends remediation and mitigation strategies of security issues in web applications to customers
Minimum Required Qualifications:
•2 years’ experience performing system administration functions in a LAN/WAN environment.
•2 years’ experience working with computer Operating Systems (Windows, Linux, Unix)
•1-2 years’ experience working on Web hosting Platforms (IIS, Tomcat)
•Basic understanding of HTML
•Basic understanding of Java, Java Script
Required Experience/Skills:
•Troubleshoot and solve complex technical computer or network issues.
•Run automated Web application security test software.
•Understanding of OWASP Top Ten vulnerabilities
•Communicate effectively, write clearly, and present security concepts to non-technical audiences.
•Perform research and be comfortable making recommendations to management on technical cyber security issues.
•Develop and coordinate training programs involving security applications.
•Detect and determine potentially serious cyber security hazards on the network.
•Develop and manage user-oriented computing activities.
•Document, author, and produce written test plans, test reports, operating instructions, standard operating procedures, and technical documentation.
•Windows, Intermediate
•UNIX/LINUX, Intermediate
•Java, Beginner
•PHP, Beginner
•HTML, Intermediate
•Manual Testing, Beginner
•ATE, Beginner
•JIRA, Beginner
Required Knowledge/Understanding:
•Web Vulnerability/Risk assessment processes
•OWASP top 10 vulnerabilities
•Complex multi-user network systems.
•Complex software applications on PC's, servers, and networks.
•Operating systems on PC's and servers.
•Ethernet networking, IP addressing and TCP/IP.
•Proper computer system data security/backup procedures.
