Job Title:-Application Security Tester
Job Location;- Bellevue WA
Long term Contract
- Deep experience working with XML and web services including SOAP and REST.
- Thorough understanding of coding concepts such as authentication mechanisms data serialization.
- Thorough understanding of application architectures such as n tier client and server API Postman microservices etc.
- Performs static dynamic code testing manual code inspection threat modeling design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
- Supports the implementation and enforcement of secure design principles according to policies standards and patterns of Information Security.
- Provide subject matter expertise and mentorship on architecture authentication and system security.
- Develops and implement manual and automated web application security testing of web applications to enforce security standards.
- Functional API Testing with Postman Newman and BlazeMeter
- Works with security product vendors and service providers to evaluate their security offerings.
- Must be familiar with the below Tool sets
- Fortify Web Inspect Expertise Advanced must be able to automate where possible
- Burp Suite
- ZED attack proxy
- Threat Modeling e.g. STRIDE
- Must be very well versed with OWASP Top 10 vulnerabilities and must demonstrate to exploit such vulnerabilities in mobile web and console applications.
- Understanding of both application and network layer security considerations and how to fix them such as buffer overflow ToC vs. ToU input validation encapsulation insecure protocols MITM attacks SQLi etc.
- Ability to work well both independently as well as within a team.
- Excellent verbal written and interpersonal communications skills.
- Ability to handle several tasks be organized make decisions and work efficiently effectively under deadlines.
- Bachelor of Science with 3 years of experience in cybersecurity
109 East 17th St, Cheyenne WY 82001