We are seeking a Security consultant with strong experience in web and mobile application security assessments. Candidate must have strong experience in performing penetration testing and vulnerability management services for applications, network systems, operating systems, and database. Candidates should have experience with black box, grey box, and white box testing.
Whether through traditional retail, mobile, or e-commerce, our innovation is leading the digital convergence of traditional and emerging payments technologies across a wide variety of new devices and services for billions of users worldwide.
Are you passionate about security? Do you like to tinker with things in order to figure out how to build them better, stronger, and more resilient? Are you a people person who values partnership, teamwork, and building solutions with cross-functional disciplines and teams? Are you curious? Do you follow trends, research, and best practices as part of your insatiable desire to learn and teach others? Do you want to have a true impact on the security of how the world transacts? This may be the role for you.
Conducting application security assessments and penetration tests (web, mobile, web service, etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as Checkmarx.
Assist in the development, evaluation, and implementation of application penetration testing processes and tools
Research and keep up to date of application security emerging threats, techniques, tools, and trends
Able to assist in setting the strategic direction for Application Security program across the firm
Creates organizational knowledge about key technologies, tools and methodologies
Hands-on experience of penetration testing or web, mobile, web services and network
Knowledge of OWASP, SANS, or other security-related frameworks and penetration testing methodologies
Current knowledge of security best practices, common exploits, and threat landscape
Experience with application threat modeling or other risk identification techniques
Good understanding of Software Development especially related to secure coding best practices. Prior experience in Programming/Scripting such as Java, VB, Python, Powershell is a plus
Knowledge of secure software development life cycle (SSDLC), DevSecOps, Cloud, CI/CD pipeline preferred
Strong relationship building skills and collaborative style to enable success across multiple partners desired
The candidate should be familiar with laws, regulations, and industry standards such as PCI DSS GDPR, CCPA, GLBA, NIST SP800-53, and Cybersecurity Framework, and International Organization for Standardization (ISO) series 27001/2, 27005, 31000.
515 Olive St. Suite 400 St Louis, MO, 63101Contact