2+ years of Application and Network Security Testing Experience
Skills:
Expertise in web application penetration testing
Expertise in mobile application penetration testing
Expertise in network penetration testing
Expertise in wireless network penetration testing
Expertise in configuration audit or vulnerability assessment of multiple OS and Network Device platforms
Ability to handle difficult situations and to provide alternative solutions or workarounds
Flexible and creative in helping to find acceptable solutions for customers
Good communication and writing skills with the ability to talk to both business people and technical people
Preferred skill set:
Experience with Network Architecture Review and Firewall Rule-base Audit
Experience with Source Code Review will be a plus
Experience in Application Architecture Review will be a plus
Experience with testing different types of networks including VOIP, GSM, etc.
Security certifications such as OSCP, CEH, etc.
Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.)
Ability to work on multiple complex assignments simultaneously
Ability to work independently with minimal oversight or in teams
Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.
Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.
Roles and Responsibilities:
The candidate is expected to execute complex enterprise application and infrastructure security testing projects
The candidate is expected to complete the projects within budgeted efforts and deliver high quality reports
The candidate is expected to gain in-depth knowledge and understanding of enterprise networks and of web & mobile applications developed in various languages (e.g. Java, ASP, .NET, C++, C#)
The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis
The candidate is expected to be proactive in project planning and execution
The candidate is expected to do likelihood determination, impact analysis and risk determination
The candidate is expected to showcase prioritization of risks including solution recommendation and documentation
The candidate is expected to identify and infer the business risk posed by the weaknesses identified during the assessments
The candidate is expected to engage with both business and technical teams within and outside the organization from project scope definition, project execution and project closure perspectives
The candidate should be open to onsite deployments anywhere in the world as business demands
To apply for this position, please e-mail your resume to careers@paladion.net with ‘Device Management – Delivery Head’ in the subject line