Web Security Application Tester Job #: JAGS0114
Location: Washington DC
Schedule: Day Shift
Remote Work Authorized: TBD
Clearance: Public Trust (minimum)
A web application tester is needed to break into or find possible exploits in different computer systems and software. You are expected to run a number of tests, generally based around application and network penetration, and fill out assessment reports about what was discovered. Test will often be pre-determined as well as designing your own a large portion of the time, which requires creativity and imagination. A superb level of technical knowledge and know-how will be called upon. You must have strong programming background and experience with manual testing of application security in a live production environment (i.e., experience that is limited to a pure tool-based penetration testing approach is not sufficient).
Essentials Job Functions:
As a web application tester, you would be expected to conduct formal tests on web-based applications, networks, and other types of computer systems on a regular basis. You will also be expected to work on security assessments of servers, databases, and network infrastructure devices. Along with these tests and assessments, you'll be conducting regular security audits from both a logical/theoretical standpoint and a technical/hands-on standpoint.
Required Technical Skills & Familiarity:
Strong programming background (Preferably in PERL language) scripting, Drupal, etc.
Experience with malware reverse engineering a plus
Strong Web Application Testing (Manual Testing skills / Automated tools such as Acunetix, Appscan, Burp Suite Pro, Metasploit, Nessus, etc.)
Web Application Testing experience
Network Infrastructure Testing experience
Education: Bachelor of Science
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
GIAC Penetration Tester (GPEN)
To apply send resume to Norris@FlexSR.com
Attn Web App Test (JAGS0114)