Prestigious Fortune 500 Company is currently seeking an Security Engineer with ethical hacking and penetration testing experience. Candidate requires expertise regarding security vulnerabilities and the ability to conduct application analysis, malware analysis, protocol analysis, and debugging; the successful candidate will report security vulnerabilities and the risks those vulnerabilities present to senior management and other technical individuals; and recommend solutions to mitigate vulnerabilities.
JOB REQUIREMENTS: 1) Bachelor Degree in Computer Science, with 4 years IT security experience OR 6 years IT security experience. 2) White box or Black box penetration testing experience. Knowledge in both types of testing environments is essential. 3) Experience with reviewing source code for security vulnerabilities. 4) Experience in the some or all of the following: computer architecture, operating systems and networking protocols. 5) Experience with compiled and interpreted programs, for example: database systems, web servers, application servers, mainframes, firewalls, routers, load balancers, switches, and different types of middleware. 6) Experience using debuggers and/or disassemblers; 7) Excellent verbal communications skills and concise written communication skills. 8) Excellent organization and multitasking skills.
PREFERRED JOB REQUIREMENTS: 1) One or more of following certifications: CISSP, GIAC, C|EH, OSCP; 2) Experience in vulnerability research, reverse engineering, binary analysis and assembler; 3) Experience with vulnerability scanning tools e.g. Nessus, Nexpose, Saint etc; 4) Experience with web application vulnerability scanning tools e.g. IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro etc; 5) Experience with static analysis tools e.g IBM Appscan Source, HP Fortify etc; 6) Experience with high level programming languages e.g, Java, C, C++, .NET (C#, VB); 7) Experience with web application development e.g. ASP.NET, ASP, PHP, J2EE, JSP;