Experis is seeking an experienced Application Security Contractor for a long term contract (12+ months) in North Houston. We have several consultants working for this Manager, the Manager is looking to add another consultant in order to supplement internal efforts.
Candidate should have all of the following technical and professional characteristics as well:
- Min 6 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment
- Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc.
- Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc.
- Full grasp and ability to articulate and/or train others on the OWASP Top 10 and related concepts
- Minimum 6 years of experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language
- Minimum 6 years of experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases
- Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners
- Ability to capture and analyze network traffic at all seven layers of the OSI model, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data
- Have a solid grasp of core security fundamentals and concepts, including knowing ones system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc.
- Minimum 6 years of experience with enterprise-level security control implementations, including Network Intrusion Detection/Prevention (NIDS/NIPS), Corporate Antivirus, Enterprise Web Filtering, Data Loss Prevention, Insider-threat Mitigation, Botnet Detection, etc., as well as demonstrable knowledge of the principles and techniques used to bypass said controls.
- Ability to create extremely high quality written reports containing the findings from web and thick-client vulnerability assessments, as well as the ability to articulate those findings to peer technical staff as well as various levels of management
- Preference is for candidates with two or more of the following certifications: GSEC, GWAPT, CISSP, GPEN, GXPEN, CISA, CISM, OSCP, OSCE
Experis IT, a Manpower Group company, is proud to offer this opportunity with ExxonMobil; America's largest Oil & Gas company and a Fortune Top 5 company for 24 years. They are a premier petrochemical company - as one of the world's largest integrated refiners, marketers of petroleum products, and chemical manufacturers. In addition to continuously achieving superior financial and operating results, ExxonMobil is committed to excellence in Safety, Security, Health, and Environmental Responsibility. They are a highly ethical and constantly evolving company that uses technology and innovation to help meet the world's growing energy needs. Client Culture: ExxonMobil is committed to excellence in Safety, Security, Health, and Environment performance as well as Energy and Technology Innovation.
Safety & Security - With a goal of "Nobody Gets Hurt," ExxonMobil has a commitment to safety as a core value that is an integral part of their culture. Their aim is to ensure each employee and contractor leaves work each day safe and in good health. Corporate governance requires high ethical standards, compliance, and integrity in all business activities and decisions.
Health - A focus on employee health is a priority. ExxonMobil's Culture of Health program is a sound, evidence-based program designed to support the health of their employees and reduce health care costs. Their corporate culture promotes a work environment that helps their employees and their families pursue healthy lifestyles.
Environment - ExxonMobil conducts business in a manner that is responsive to the environmental and economic needs of communities in which they operate. They and have multiple initiatives designed to mitigate adverse environmental impacts, increase efficiencies, and reduce their environmental footprint.
Innovation - ExxonMobil has remained a leader in energy technology throughout its 135-year history. ExxonMobil is committed to investing in research and development of next-generation technologies across a broad spectrum of promising frontiers.
Experis is an Equal Opportunity Employer (EOE/AA)