- Min 2 years' experience penetration/vulnerability testing for web and thickclient applications in an enterprise environment
- Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc.
- Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc.
- Full grasp and ability to articulate and/or train others on the "OWASP Top 10" and related concepts
- Minimum 1 years' experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language
- Minimum 1 years' experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases
- Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners
- Ability to capture and analyze network traffic, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data
- Have a solid grasp of core security fundamentals and concepts, including knowing one's system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc.
- Minimum 3 years' experience with enterpriselevel security control implementations, including Network Intrusion Detection/Prevention (NIDS/NIPS), Corpo*** Antivirus, Enterprise Web Filtering, Data Loss Prevention, Insiderthreat Mitigation, Botnet Detection, etc., as well as demonstrable knowledge of the principles and techniques used to bypass said controls.
- Ability to create extremely high quality written reports containing the findings from web and thickclient vulnerability assessments, as well as the ability to articulate those findings to peer technical staff as well as various levels of management
- Preference is for candidates with two or more of the following certifications: GSEC, GWAPT, CISSP, GPEN, GXPEN, CISA, CISM, OSCP, OSCE
-
Penetration Tester
3 weeks ago
alliantgroup, LP Houston, United Statesalliantgroup, LP is currently experiencing explosive growth As a national consulting firm focused on being the voice to the middle market, our mission is simple: Strengthening American businesses. How do we do this? We hire the brightest talent with the most diverse backgrounds w ...
-
Penetration Tester
1 week ago
Control Risks Houston, United StatesJob Description · Job DescriptionThis position may be based in Chicago, Houston, or Washington DC. · This role will work with a team of cyber security consultants to help assess and test various controls within our clients' network to evaluate and determine compliance with the co ...
-
Penetration Tester
1 week ago
Control Risks Houston, United States PermanentThis position may be based in Chicago, Houston, or Washington DC. · This role will work with a team of cyber security consultants to help assess and test various controls within our clients' network to evaluate and determine compliance with the company's security requirements. ...
-
Penetration Tester
4 weeks ago
AMSYS Innovative Solutions, LLC Houston, United StatesOverview of the Job Duties: · • Conducting Penetration Tests · • Vulnerability Assessment · • Exploit Development · • Social Engineering Testing · • Reporting and Documentation · • Incident Response Support · • Client Engagement · Qualifications: · • Relevant industry certificat ...
-
Penetration Tester
3 weeks ago
AMSYS Innovative Solutions Houston, United StatesOverview of the Job Duties: · Conducting Penetration Tests · Vulnerability Assessment · Exploit Development · Social Engineering Testing · Reporting and Documentation · Incident Response Support · Client Engagement · Qualifications: · Relevant industry certifications suc ...
-
Penetration Tester
3 weeks ago
AMSYS Innovative Solutions Houston, United StatesOverview of the Job Duties: · Conducting Penetration Tests · Vulnerability Assessment · Exploit Development · Social Engineering Testing · Reporting and Documentation · Incident Response Support · Client Engagement · Qualifications: · Relevant industry certifications suc ...
-
Application Security Analyst
6 days ago
Saxon Global Spring, United StatesJob Description: Security Analyst (Penetration Tester) - Expert Level · Exxon Mobil Corporation is looking to bring on an experienced application security contractor in order to supplement internal efforts. Candidate should have all of the following technical and professional ch ...
-
Security Operation Center Analyst
3 weeks ago
Alvarez & Marsal Houston, United StatesDescription · A high number of candidates may make applications for this position, so make sure to send your CV and application through as soon as possible. · Security Operation Center Analyst · Companies, investors and government entities around the world turn to Alvarez & Ma ...
-
EDR, Email Security, Threat Hunting
2 weeks ago
Weatherford Houston, Texas, United States Full timeOverview · Weatherford is a leading global energy services company. Our world-class experts partner with customers to optimize their resources and realize the full potential of their assets. Across our operating locations, including manufacturing, research and development, servi ...
Penetration Tester - Spring, United States - Indotronix International Corporation
Description
Exxon Mobil Corporation is looking to bring on an experienced application security testing contractor in order to supplement internal efforts.
Onsite details:
At the Houston Campus in the office every day
Required Skills :
.NET,SQL,Java
Basic Qualification :
Additional Skills :
Background Check :
Yes
Notes :
Selling points for candidate :
Project Verification Info :
Candidate must be your W2 Employee :Yes
Exclusive to Client :
No
Face to face interview required :Yes
Candidate must be local :Yes
Candidate must be authorized to work without sponsorship :Yes
Interview times set :
:No
Type of project :
Testing
Master Job Title :
Other
Branch Code :
Houston
Indotronix is an Equal Opportunity Employer