Title: Cyber Security Consultant
Location: Santa Clara, CA 95050
Duration: Long Term
Rate: $75/hr on W2
Role and Responsibilities:
· Conduct vulnerability assessments on a wide variety of technologies and implementations utilizing both automated tools and manual techniques
· Educate engineering/DevOps/IT teams on best security practices
· Develop subject matter expertise in topics to include: network, database, wireless and application security assessments, and adversarial network operations
· Troubleshoot and handle security incidents in production
· Research and analyze known hacker methodology, system exploits, and vulnerabilities to support methodology development and execution
· Utilize common vulnerability assessment and penetration testing tools
· Assessing and hardening security configurations for SaaS, PaaS, and containerized Cloud systems, traditional operating systems, applications and services
· Create written reports, detailing assessment findings and recommendations
· Work as part of a penetration testing team, taking direction from team lead(s) and executing directives in a thorough and timely fashion
· Perform security research, analysis, and testing via threat modeling, vulnerability assessment, penetration testing, and/or social engineering across a wide variety of applications, platforms and systems
· Clearly outline and document risk impacts of test findings in reports
Required Qualifications:
· Bachelor’s degree or four or more years of work experience in a similar role.
· Experience in the IT industry (system administration, software development, etc.)
· Experience with UNIX / Linux and Windows operating systems, major network devices (Cisco, etc.) and at least one type of database
· Experience in developing and deploying critical security architecture solutions such as SEIM, Firewalls, IDS/IPS, Proxies, DLP, Virtualization, and Host security solutions.
· Demonstrable technical experience with Web Application Penetration Testing
· Demonstrable technical experience with assessment tools: Metasploit, Nexpose, Kali Linux and Burp Suite
· Experience / understanding of networking - port numbers, services, protocols, TCP - IP stack, OSI - Model
· Understanding of OWASP
· Expertise in Python, C, C++, Powershell, Bash, etc.
Additional Qualifications:
· IT Security Certifications like CEH, OSCP, etc.
· Knowledge of Payment Card Industry Data Security Standard (PCI DSS) requirements
· Familiarity with web application concepts, such as JavaScript, XML, SOAP, REST, AJAX, etc
· Knowledge of applications, database, and Web server design and implementation
· Knowledge of open security testing standards and projects, including OWASP
· Excellent communication skills - both written and verbal
Som Neravanda | Recruiting Manager |