Thursday, July 9, 2020

Application Security Tester

Job Title:-Application Security Tester

Job Location;- Bellevue WA

Long term Contract

 



Required:-

- Extensive experience developing in Java Python JavaScript i.e. NodeJS AngularJS TypeScript variants i.e. Angular 2 and common scripting languages i.e. Bash .
- Deep experience working with XML and web services including SOAP and REST.
- Thorough understanding of coding concepts such as authentication mechanisms data serialization.
- Thorough understanding of application architectures such as n tier client and server API Postman microservices etc.
- Performs static dynamic code testing manual code inspection threat modeling design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
- Supports the implementation and enforcement of secure design principles according to policies standards and patterns of Information Security.
- Provide subject matter expertise and mentorship on architecture authentication and system security.
- Develops and implement manual and automated web application security testing of web applications to enforce security standards.
- Functional API Testing with Postman Newman and BlazeMeter
- Works with security product vendors and service providers to evaluate their security offerings.
- Must be familiar with the below Tool sets
- Fortify Web Inspect Expertise Advanced must be able to automate where possible
- Nessus
- Nmap
- Veracode
- Burp Suite
- ZED attack proxy
- SCAP
- Threat Modeling e.g. STRIDE
- Must be very well versed with OWASP Top 10 vulnerabilities and must demonstrate to exploit such vulnerabilities in mobile web and console applications.
- Understanding of both application and network layer security considerations and how to fix them such as buffer overflow ToC vs. ToU input validation encapsulation insecure protocols MITM attacks SQLi etc.
- Ability to work well both independently as well as within a team.
- Excellent verbal written and interpersonal communications skills.
- Ability to handle several tasks be organized make decisions and work efficiently effectively under deadlines.

Qualifications

- Bachelor of Science with 3 years of experience in cybersecurity

 

 Sandip Kumar

Noralogic Inc.

109 East 17th St, Cheyenne WY 82001

Call: 307-316-7223,964-393-6389

Email: sandipkumar@noralogic.com