Penetration Testing Engineer - Net2Source
Washington Dc Brm, DC 20001
About the Job
Net2Source Inc. is an award-winning total workforce solutions company recognized by Staffing Industry Analysts for our accelerated growth of 300% in the last 3 years with over 5500+ employees globally, with over 30+ locations in the US and global operations in 32 countries. We believe in providing staffing solutions to address the current talent gap – Right Talent – Right Time – Right Place – Right Price and acting as a Career Coach to our consultants.
Please find below the job description.
Position: Penetration Testing Engineer
Location: 100% REMOTE
Type: Long Term Contract
Job Description/ Responsibilities:
Experience must include:
Required Soft Skills:
Education:
1. Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience in regulated industries; OR
2. Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 5 years of relevant experience in regulated industries.
Certifications: (Minimum plus at least 1 preferred)
1. CEH or CompTIA PenTest+ or CSSLP (minimum required)
2. GIAC application security and/or pen testing related certifications (preferred)
3. Offensive security related certifications (preferred)
o 1. Penetration testing tools and frameworks such as BurpSuite, Metasploit, Nmap, AppScan, etc.
o Cloud and container technologies like Azure Kubernetes, Azure Container Registry, etc.
o Java, C++, C#, Python, HTML, Java script, PHP.
o Windows and UNIX operating systems and operation/configuration of common web servers as Apache, etc.
o OWASP, WASC, SANS, CVE, and CVSS (Threat & Vulnerability classification).
8. Practical working knowledge with identifying and mitigating security weaknesses, and incorporating security into enterprise software development lifecycle, both agile and traditional waterfall.
9. Demonstrated knowledge of running a broad range of web application testing tools, identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform specific remediation plan.
If you are interested, please forward your resume to Amir@Net2Source.com, You can also reach me at (+1-201-354-1049).
Why work with us - At Net2Source, we believe everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take necessary steps to make your mark. We help clients with new skilling, talent strategy, leadership development, employee experience, transformational change management and beyond.
Equal Employment Opportunity Statement:
Net2Source is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Awards and Accolades:
Regards,
Amir Ahmad
Account Manager
Net2Source Inc.
Global HQ Address – 270 Davidson Ave, Suite 704, Somerset, NJ 08873, USA
Office: (201) 340-8700 x 428 (EXT )| Cell: +1-201-354-1049 | Fax: (201) 221-8131| Email: amir@net2source.com
Web: www.net2source.com | Social: Facebook | Twitter | LinkedIn
Please find below the job description.
Position: Penetration Testing Engineer
Location: 100% REMOTE
Type: Long Term Contract
Job Description/ Responsibilities:
Experience must include:
- Security testing of custom solutions, integrations with ERP solutions and other commercial of the shelf solutions, application middleware (API, application servers, etc.), etc. that are on-premise and/or in the cloud in web, fat client or mobile form.
- Practical working knowledge and use of
- Penetration testing tools and frameworks such as BurpSuite, Metasploit, Nmap, AppScan, etc.
- Cloud and container technologies like Azure Kubernetes, Azure Container Registry, etc.
- Java, C++, C#, Python, HTML, Java script, PHP.
- Windows and UNIX operating systems and operation/configuration of common web servers as Apache, etc.
- OWASP, WASC, SANS, CVE, and CVSS (Threat & Vulnerability classification).
- Practical working knowledge with identifying and mitigating security weaknesses, and incorporating security into enterprise software development lifecycle, both agile and traditional waterfall.
- Demonstrated knowledge of running a broad range of web application testing tools, identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform specific remediation plan.
- Proven level of understanding of web application technologies (Java, .NET) and database management systems (Oracle, MS SQL) and related security concepts.
- In-depth and hands-on working knowledge of common website vulnerabilities such as SQL injection, cross-site scripting, remote/local file inclusion, etc.; in-depth knowledge of common website exploit techniques such as character encoding, privilege escalation, directory traversal, etc.
- Knowledge of security solutions, latest threats, and countermeasures.
Required Soft Skills:
- Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
- Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
- Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.
- Interpersonal skills that create openness and trust among colleagues.
- Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility.
- Ability to be organized, responsive and to be able to effectively multi-task with a focus on driving results.
- Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers.
- Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility.
- Excellent relationship management skills. Facilitation and conflict management skills that enable effective working relationships.
Education:
1. Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience in regulated industries; OR
2. Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 5 years of relevant experience in regulated industries.
Certifications: (Minimum plus at least 1 preferred)
1. CEH or CompTIA PenTest+ or CSSLP (minimum required)
2. GIAC application security and/or pen testing related certifications (preferred)
3. Offensive security related certifications (preferred)
o 1. Penetration testing tools and frameworks such as BurpSuite, Metasploit, Nmap, AppScan, etc.
o Cloud and container technologies like Azure Kubernetes, Azure Container Registry, etc.
o Java, C++, C#, Python, HTML, Java script, PHP.
o Windows and UNIX operating systems and operation/configuration of common web servers as Apache, etc.
o OWASP, WASC, SANS, CVE, and CVSS (Threat & Vulnerability classification).
8. Practical working knowledge with identifying and mitigating security weaknesses, and incorporating security into enterprise software development lifecycle, both agile and traditional waterfall.
9. Demonstrated knowledge of running a broad range of web application testing tools, identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform specific remediation plan.
If you are interested, please forward your resume to Amir@Net2Source.com, You can also reach me at (+1-201-354-1049).
Why work with us - At Net2Source, we believe everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take necessary steps to make your mark. We help clients with new skilling, talent strategy, leadership development, employee experience, transformational change management and beyond.
Equal Employment Opportunity Statement:
Net2Source is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Awards and Accolades:
- America's Most Honored Businesses (Top 10%)
- Awarded by USPAAC for Fastest Growing Business in the US
- 12th Fastest Growing Staffing Company in USA by Staffing industry Analysts in the US (2020, 2019, 2020)
- Fastest 50 by NJ Biz (2020, 2019, 2020)
- INC 5000 Fastest growing for 8 consecutive years in a row (only 1.26% companies make it to this list)
- Top 100 by Dallas Business Journal (2020 and 2019)
- Proven Supplier of the Year by Workforce Logiq (2020 and 2019)
- 2019 Spirit of Alliance Award by Agile1
- 2018 Best of the Best Platinum Award by Agile1
- 2018 TechServe Alliance Excellence Awards Winner
- 2017 Best of the Best Gold Award by Agile1(Act1 Group)
Regards,
Amir Ahmad
Account Manager
Net2Source Inc.
Global HQ Address – 270 Davidson Ave, Suite 704, Somerset, NJ 08873, USA
Office: (201) 340-8700 x 428 (EXT )| Cell: +1-201-354-1049 | Fax: (201) 221-8131| Email: amir@net2source.com
Web: www.net2source.com | Social: Facebook | Twitter | LinkedIn
Source : Net2Source