The Latest in IT Security

Penetration Tester

20
Sep
2012

Penetration Tester

Posted: 20 September 2012
Company name: PayPal
Location: San Jose, CA
United States
Pay rate: Open
Travel: none
Poster represents: employer
Terms of employment: Salaried employee
Hours: full time
Onsite: yes

Description:
Do you have the passion for Penetration/ Security Testing/ Ethical Hacking? Join an elite team in an environment where you have the opportunity to perform vulnerability assessments and penetration testing.

This position is for a Security Quality Engineer, Penetration Testing. Automation and API level testing skills are required. As a Senior Quality Engineer, you will partner with Software Developers, Product Managers, Information Security and other Quality Engineers to:

Responsibilities:

. Perform vulnerability assessments and penetration testing/ethical hacking.

. Perform, review and analyze security vulnerability data to identify applicability and false positives.

. Research and develop testing tools, techniques, and process improvements.

. Create risk based security code reviews (static & dynamic).

. Conduct penetration testing in line with Open Web application Security project (OWASP).

. Publish reports and test results in line with scanners and test cases to stakeholders.

. Organize and execute regression reviews for applications.

. Handhold dev teams for vulnerability remediation with sample code snippets.

. Analyze product requirements, create security test plans, and perform code reviews.

. Mentor junior engineers to build their skills and contribution levels.

. Develop and present educational programs and/or workshops.

. Write data-driven, white box/APIs and UI test automation.

. Design and modify test frameworks as required.


Required skills:
. 8+ years professional related experience with 2+ years of Penetration Testing experience

. Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them,

. Knowledge of the nature and sources network and host application vulnerabilities

. Vast knowledge in computer security issues, requirements and trends

. Proficiency with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm

. Programming experience in Java, C++, Perl, or Python.

. Ability to document and track defects, as well as produce detailed reports using defect tracking tools

. Experience with white-box or gray-box testing

. Familiarity with software Product development lifecycles (SDLC/PDLC)

. Knowledge of Quality test techniques

. Working understanding of database concepts

. Agile experience is desired

. Have been working in both Unix and Windows environments

. Team player, able to dealing with conflict, handling ambiguity and a quick learner

. Passion for breaking code and quality

. Hands on experience of Penetration Testing is a must

. BSEE, CS or other relevant technical degree required.

Desired skills:
. CEH, CISSP, GIAC certification preferred

Contact information:
For immediate and confidential consideration, please send resumes to [email protected]

Leave a reply


Categories

SATURDAY, APRIL 21, 2018

Featured

Archives

Latest Comments

Social Networks