We need a resource with 5-7 years of security experience who has worked within a Vulnerability Management Program and understands Application Security.
- Experience with any of the following commercial application scanning tools: Acunetix, IBM's AppScan, Client's WebInspect, NTOSpider, Cenzic's Hailstorm, Burp Suite Professional.
- Understanding of Web Services technologies such as XML, SOAP, and AJAX.
- Understanding of various web application frameworks such as ASP.NET, J2EE, Zend.
- Web Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache Tomcat.
- Experience in application level attacks, bypassing firewalls, evading intrusion detection.
- Experience building automated tool sets or expanding existing toolset libraries.
- Secure code review experience using automated toolsets.
- Software Engineering career experience.
- Following Certifications: CISSP, CEH, GWAPT, GPEN, OSCP.
- Thorough understanding of software vulnerabilities.
- Knowledge of OWASP Top 10, SANS Top 25, CWE, WASC.
- Ability to demonstrate understanding of vulnerability remediation.
- Familiarity with malicious code identification and common hacker attack techniques.
- Ability to research and reproduce vulnerability exploitation.
- Understanding of advanced cryptographic concepts.
- Ability to demonstrate manual testing experience including all of OWASP Top 10.
Qualifications
Skills Required
• Excellent problem solving and analytical skills.
• Superior oral and technical writing communication skills.
• Independent, self-managed, and motivated.
• Knowledge of the Software Development Lifecycle in an enterprise environment.
• Programming experience in two of the following languages: C#, Java, Python, Ruby.
Additional Information
All your information will be kept confidential according to EEO guidelines.