Security Quality Engineer – PayPal

Mar

2013

Security Quality Engineer – PayPal

Posted: 27 March 2013

Company name: PayPal

Location: San Jose

United States

Travel: none

Poster represents: employer

Terms of employment: Salaried employee

Hours: full time

Onsite: yes

Description:
This position is for a technical penetration test Security Quality Engineer. Automation and API level testing skills are required. As a Senior Quality Engineer, you will partner with Software Developers, Product Managers, Information Security and other Quality Engineers to:

Responsibilities:

. Perform vulnerability assessments and penetration testing/ethical hacking

. Perform, review and analyze security vulnerability data to identify applicability and false positives

. Proficiency with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm

. Programming experience in Java, C++, Perl, or Python.

. Research and develop testing tools, techniques, and process improvements

. Create risk based security code reviews (static & dynamic)

. Conduct penetration testing in line with Open Web application Security project (OWASP)

. Publish reports and test results in line with scanners and test cases to stakeholders

. Organize and execute regression reviews for applications

. Handhold dev teams for vulnerability remediation with sample code snippets

. Analyze product requirements, create security test plans, and perform code reviews

. Mentor junior engineers to build their skills and contribution levels

. Develop and present educational programs and/or workshops.

. Write data-driven, white box/APIs and UI test automation

. Design and modify test frameworks as required

Required skills:
. Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them,

. Knowledge of the nature and sources network and host application vulnerabilities

. Vast knowledge in computer security issues, requirements and trends

. Programming experience in Java, C++, Perl, or Python.

. Ability to document and track defects, as well as produce detailed reports using defect tracking tools

. Experience with white-box or gray-box testing

. Familiarity with software development lifecycles (SDLC)

. Knowledge of Quality test techniques

. Working understanding of database concepts

. Agile experience is desired

. Have been working in both Unix and Windows environments

. Team player, able to dealing with conflict, handling ambiguity and a quick learner

. Passion for breaking code and quality

. Hands on experience of penetration testing is a must

. Experience with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm

. BSEE, CS or other relevant technical degree required. 5+ years professional related experience or Master’s Degree and 3+ years, or Doctorate and 1+ years

Desired skills:
CEH, CISSP, GIAC certification preferred

URL for more information:
https://www.jobs.ebaycareers.com

Contact information:
e-mail resumes to [email protected]

Written by Virus Bulletin - Jobs

0 Comments

The Latest in IT Security

Security Quality Engineer – PayPal

Security Quality Engineer – PayPal

Categories

Featured

Archives

Latest Comments

About Us

Contact Us

Posted:	27 March 2013
Company name:	PayPal
Location:	San Jose
	United States
Travel:	none
Poster represents:	employer
Terms of employment:	Salaried employee
Hours:	full time
Onsite:	yes
Description: This position is for a technical penetration test Security Quality Engineer. Automation and API level testing skills are required. As a Senior Quality Engineer, you will partner with Software Developers, Product Managers, Information Security and other Quality Engineers to: Responsibilities: . Perform vulnerability assessments and penetration testing/ethical hacking . Perform, review and analyze security vulnerability data to identify applicability and false positives . Proficiency with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm . Programming experience in Java, C++, Perl, or Python. . Research and develop testing tools, techniques, and process improvements . Create risk based security code reviews (static & dynamic) . Conduct penetration testing in line with Open Web application Security project (OWASP) . Publish reports and test results in line with scanners and test cases to stakeholders . Organize and execute regression reviews for applications . Handhold dev teams for vulnerability remediation with sample code snippets . Analyze product requirements, create security test plans, and perform code reviews . Mentor junior engineers to build their skills and contribution levels . Develop and present educational programs and/or workshops. . Write data-driven, white box/APIs and UI test automation . Design and modify test frameworks as required
Required skills: . Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them, . Knowledge of the nature and sources network and host application vulnerabilities . Vast knowledge in computer security issues, requirements and trends . Programming experience in Java, C++, Perl, or Python. . Ability to document and track defects, as well as produce detailed reports using defect tracking tools . Experience with white-box or gray-box testing . Familiarity with software development lifecycles (SDLC) . Knowledge of Quality test techniques . Working understanding of database concepts . Agile experience is desired . Have been working in both Unix and Windows environments . Team player, able to dealing with conflict, handling ambiguity and a quick learner . Passion for breaking code and quality . Hands on experience of penetration testing is a must . Experience with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm . BSEE, CS or other relevant technical degree required. 5+ years professional related experience or Master’s Degree and 3+ years, or Doctorate and 1+ years
Desired skills: CEH, CISSP, GIAC certification preferred
URL for more information: https://www.jobs.ebaycareers.com
Contact information: e-mail resumes to [email protected]