|Date Posted||May 16, 2018|
Full Time opportunity as a Lead Penetration Tester for a leading technology vendor with a global network of experts and growing security program. This role comes with the responsibility to make an impact on all phases the application life cycle and take ownership in a cross-functional security team.
- Execute the security program and initiatives contributing to the overall direction and strategy of application security
- SME in Application Security around all areas of design, secure coding, and penetration testing
- Source code review, threat modeling, performing risk analysis, identify vulnerabilities, and collaborate with development teams
- Perform security assessments of existing architecture and makes security recommendations for new deployments.
- Manage application security vendor engagements
- Represent the Information Security team on all application security matters across the organization
- Build out SIEM dashboards for security monitoring and alerting.
- 4+ years of information security experience including web application assessment, penetration testing, and vulnerability research; deep experience with source code reviews, code analysis tools
- B.S. or M.S. in Computer Science or relevant concentration required
- One of the following certifications: CISSP, CSSLP, CEH, GPEN, GWAPT
- Experience with:
- SIEM technologies such as Splunk
- Security testing tools such as Burp, ZAP, Fortify, and Nessus
- Java, Ruby, or C#
- Threat models for large, distributed systems and cloud-based infrastructure (AWS, Google Cloud, or Azure)
Sthree US is acting as an Employment Agency in relation to this vacancy.