application security engineer
Posted on September 19, 2024
Employer details
S-Square Systems
Job details
*Job Role: Application Security Tester-Pen Testing*
*Location: Downtown, Toronto (Hybrid Model)*
*Duration: 6+ Months*
*Responsibilities:*
* Conduct technical scoping of security testing activities required in a project.
* Define abuse cases and execute security tests using a broad range of tools to discover and exploit possible vulnerabilities and weaknesses within cloud, on-prem and hybrid environments.
* Bring in appropriate tools to the organization and set up relevant testing configurations to enhance practical testing processes.
* Perform controlled and methodical attempts to exploit identified vulnerabilities, simulating real-world attacks. Manual pen testing.
* Perform application security assessments using industry standards (OWASP ASVS, NIST, PCI DSS).
* Analyze and understand the impact and severity of exploits. Determine the risk and consequences that could result from these vulnerabilities.
* Document findings and remediation recommendations and collaborate with security consulting team and architects to ensure vulnerability findings are successfully and efficiently addressed.
* Provide guidance on implementing and/or improving secure software development processes.
* Stay up to date with the latest security vulnerabilities, techniques and industry best practices.
*Requirements:*
* Bachelor's degree in computer science or a related field
* Candidate should have 5+ years of experience in application security testing
* Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open-Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
* Familiarity with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking, and the ability to perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
* Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows
* Familiarity with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations
* Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc.)
Job Type: Full-time
Pay: $50.00-$55.00 per hour
Expected hours: 40 per week
Experience:
* Application Security Testing: 5 years (preferred)
* Penetration Testing: 5 years (preferred)
- Location: Toronto, ON
- Workplace information: On site
- Salary: $50.00 to $55.00 hourly
- Terms of employment: Full time
- Start date: Starts as soon as possible
- Vacancies: 1 vacancy
- Source: indeed.com #9453123298
Important notice: This job posting has been provided by a partner site. Job Bank is not responsible for this content.