Penetration Testing Engineering Job at Diverse Lynx, Washington DC

MU0zMjBOVkFKSmJ6dStEbEZDNVRCYnlyOUE9PQ==
  • Diverse Lynx
  • Washington DC

Job Description

Job Summary:
Job Description/ Responsibilities
Experience must include:
1. Security testing of custom solutions, integrations with ERP solutions and other commercial of the shelf solutions, application middleware (API, application servers, etc.), etc. that are on-premise and/or in the cloud in web, fat client or mobile form.
2. Practical working knowledge and use of
o Penetration testing tools and frameworks such as BurpSuite, Metasploit, Nmap, AppScan, etc.
o Cloud and container technologies like Azure Kubernetes, Azure Container Registry, etc.
o Java, C++, C#, Python, HTML, Java script, PHP.
o Windows and UNIX operating systems and operation/configuration of common web servers as Apache, etc.
o OWASP, WASC, SANS, CVE, and CVSS (Threat & Vulnerability classification).
3. Practical working knowledge with identifying and mitigating security weaknesses, and incorporating security into enterprise software development lifecycle, both agile and traditional waterfall.
4. Demonstrated knowledge of running a broad range of web application testing tools, identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform specific remediation plan.
5. Proven level of understanding of web application technologies (Java, .NET) and database management systems (Oracle, MS SQL) and related security concepts.
6. In-depth and hands-on working knowledge of common website vulnerabilities such as SQL injection, cross-site scripting, remote/local file inclusion, etc.; in-depth knowledge of common website exploit techniques such as character encoding, privilege escalation, directory traversal, etc.
7. Knowledge of security solutions, latest threats, and countermeasures.

Required Soft Skills
1. Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
2. Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
3. Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.
4. Interpersonal skills that create openness and trust among colleagues.
5. Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility.
6. Ability to be organized, responsive and to be able to effectively multi-task with a focus on driving results.
7. Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers.
8. Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility.
9. Excellent relationship management skills. Facilitation and conflict management skills that enable effective working relationships.

Education
1. Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience in regulated industries; OR
2. Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 5 years of relevant experience in regulated industries.

Certifications: (Minimum plus at least 1 preferred)
1. CEH or CompTIA PenTest+ or CSSLP (minimum required)
2. GIAC application security and/or pen testing related certifications (preferred)
3. Offensive security related certifications (preferred)

o 1. Penetration testing tools and frameworks such as BurpSuite, Metasploit, Nmap, AppScan, etc.
o Cloud and container technologies like Azure Kubernetes, Azure Container Registry, etc.
o Java, C++, C#, Python, HTML, Java script, PHP.
o Windows and UNIX operating systems and operation/configuration of common web servers as Apache, etc.
o OWASP, WASC, SANS, CVE, and CVSS (Threat & Vulnerability classification).
8. Practical working knowledge with identifying and mitigating security weaknesses, and incorporating security into enterprise software development lifecycle, both agile and traditional waterfall.
9. Demonstrated knowledge of running a broad range of web application testing tools, identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform specific remediation plan.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

Job Tags

Local area, Remote job,

Similar Jobs

NJI

Senior Account Executive Job at NJI

 ...located coast to coast as part of our HQ/US team based in Washington, D.C. From farmers to urban forgers, trapeze artists to Mario Kart fanatics, we have colleagues with diverse interests and addresses. The right candidate for this position is located within the greater... 

Anderson County School District

School Secretary Job at Anderson County School District

 ...cooperatively with staff, students, and parents, and performs other related duties as assigned. Requirements: High school diploma or equivalent; Clerical/secretary experience; Proficient computer skills (specifically Microsoft Office); Strong organizational skills; Ability... 

Anytime Fitness, Westchester County NY

Friday Saturday & Sunday Gym Manager! Job at Anytime Fitness, Westchester County NY

AF is looking for a responsible Gym Attendant Team Members to take care of our Health Clubs; carry out cleaning, maintenance, and office duties. The goal is to keep our gyms exceptionally clean, organized, and assist members or prospective members at the club for sales/... 

Fud

Pet Sitting and Dog Walking Expert Job at Fud

We are a growing start-up company looking for a Pet Sitting and Dog Walking Expert to join our community. As a Pet Sitting and Dog Walking Expert, you will be responsible for a variety of tasks to help our community, including researching, sharing, and mentoring others... 

AEG

TEEN TRAVEL COUNSELOR - Summer Day Camp - SECURE A SUMMER JOB NOW! Job at AEG

 ...teacher with available summers and want to work with children ages 13-15, our camp is the place to be. {THIS POSITION WILL HAVE DAY...  ...to Club Getaway in Connecticut or Hershey, PA. Supervise 13-15 year old campers. THE MOST POPULAR JOB IN CAMP! Oak Crest Day Camp...