The Latest in IT Security

Penetration Security Tester


Penetration Security Tester

Posted: 5 June 2012
Company name: Paypal
Location: San Jose
United States
Travel: none
Poster represents: employer

Perform vulnerability assessments and penetration testing, utilizing tools such as AppScan, Hailstorm, WebInspect and Paros

Perform, review and analyze security vulnerability data to identify applicability and false positives

Research and develop testing tools, techniques, and process improvements

Create risk based security code reviews (static & dynamic)

Conduct penetration testing in line with Open Web application Security project

Publish reports and test results in line with scanners and test cases to stakeholders

Organize and execute regression reviews for applications

Handhold dev teams for vulnerability remediation with sample code snippets

Analyze product requirements, create security test plans, and perform code reviews

Mentor junior engineers to build their skills and contribution levels

Develop and present educational programs and/or workshops.

Required skills:
BSEE, CS or other relevant technical degree required. 8+ years professional related experience or Master’s Degree and 6+ years, or Doctorate and 4+ years .

Prior experience with Penetration Testing

Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them.

Knowledge of the nature and sources network and host application vulnerabilities.

Vast knowledge in computer security issues, requirements and trends.

Programming experience in Java, C++, Perl, or Python.

Ability to document and track defects, as well as produce detailed reports using defect tracking tools.

Experience with white-box or gray-box testing.

Familiarity with software development lifecycles (SDLC).

Agile experience is desired.

Have been working in both Unix and Windows environments.

Team player, able to dealing with conflict, handling ambiguity and a quick learner

Desired skills:
Experience with AppScan, Hailstorm, WebInspect, and Paros is a plus.

Contact information:
Suveti Bhatia

[email protected]

Ph No. 408-417-9812

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments