The Latest in IT Security

Penetration Tester


Penetration Tester

Posted: 20 September 2012
Company name: PayPal
Location: San Jose, CA
United States
Pay rate: Open
Travel: none
Poster represents: employer
Terms of employment: Salaried employee
Hours: full time
Onsite: yes

Do you have the passion for Penetration/ Security Testing/ Ethical Hacking? Join an elite team in an environment where you have the opportunity to perform vulnerability assessments and penetration testing.

This position is for a Security Quality Engineer, Penetration Testing. Automation and API level testing skills are required. As a Senior Quality Engineer, you will partner with Software Developers, Product Managers, Information Security and other Quality Engineers to:


. Perform vulnerability assessments and penetration testing/ethical hacking.

. Perform, review and analyze security vulnerability data to identify applicability and false positives.

. Research and develop testing tools, techniques, and process improvements.

. Create risk based security code reviews (static & dynamic).

. Conduct penetration testing in line with Open Web application Security project (OWASP).

. Publish reports and test results in line with scanners and test cases to stakeholders.

. Organize and execute regression reviews for applications.

. Handhold dev teams for vulnerability remediation with sample code snippets.

. Analyze product requirements, create security test plans, and perform code reviews.

. Mentor junior engineers to build their skills and contribution levels.

. Develop and present educational programs and/or workshops.

. Write data-driven, white box/APIs and UI test automation.

. Design and modify test frameworks as required.

Required skills:
. 8+ years professional related experience with 2+ years of Penetration Testing experience

. Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them,

. Knowledge of the nature and sources network and host application vulnerabilities

. Vast knowledge in computer security issues, requirements and trends

. Proficiency with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm

. Programming experience in Java, C++, Perl, or Python.

. Ability to document and track defects, as well as produce detailed reports using defect tracking tools

. Experience with white-box or gray-box testing

. Familiarity with software Product development lifecycles (SDLC/PDLC)

. Knowledge of Quality test techniques

. Working understanding of database concepts

. Agile experience is desired

. Have been working in both Unix and Windows environments

. Team player, able to dealing with conflict, handling ambiguity and a quick learner

. Passion for breaking code and quality

. Hands on experience of Penetration Testing is a must

. BSEE, CS or other relevant technical degree required.

Desired skills:
. CEH, CISSP, GIAC certification preferred

Contact information:
For immediate and confidential consideration, please send resumes to [email protected]

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments