Penetration Tester

Sep

2012

Penetration Tester

Posted: 20 September 2012

Company name: PayPal

Location: San Jose, CA

United States

Pay rate: Open

Travel: none

Poster represents: employer

Terms of employment: Salaried employee

Hours: full time

Onsite: yes

Description:
Do you have the passion for Penetration/ Security Testing/ Ethical Hacking? Join an elite team in an environment where you have the opportunity to perform vulnerability assessments and penetration testing.

This position is for a Security Quality Engineer, Penetration Testing. Automation and API level testing skills are required. As a Senior Quality Engineer, you will partner with Software Developers, Product Managers, Information Security and other Quality Engineers to:

Responsibilities:

. Perform vulnerability assessments and penetration testing/ethical hacking.

. Perform, review and analyze security vulnerability data to identify applicability and false positives.

. Research and develop testing tools, techniques, and process improvements.

. Create risk based security code reviews (static & dynamic).

. Conduct penetration testing in line with Open Web application Security project (OWASP).

. Publish reports and test results in line with scanners and test cases to stakeholders.

. Organize and execute regression reviews for applications.

. Handhold dev teams for vulnerability remediation with sample code snippets.

. Analyze product requirements, create security test plans, and perform code reviews.

. Mentor junior engineers to build their skills and contribution levels.

. Develop and present educational programs and/or workshops.

. Write data-driven, white box/APIs and UI test automation.

. Design and modify test frameworks as required.

Required skills:
. 8+ years professional related experience with 2+ years of Penetration Testing experience

. Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them,

. Knowledge of the nature and sources network and host application vulnerabilities

. Vast knowledge in computer security issues, requirements and trends

. Proficiency with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm

. Programming experience in Java, C++, Perl, or Python.

. Ability to document and track defects, as well as produce detailed reports using defect tracking tools

. Experience with white-box or gray-box testing

. Familiarity with software Product development lifecycles (SDLC/PDLC)

. Knowledge of Quality test techniques

. Working understanding of database concepts

. Agile experience is desired

. Have been working in both Unix and Windows environments

. Team player, able to dealing with conflict, handling ambiguity and a quick learner

. Passion for breaking code and quality

. Hands on experience of Penetration Testing is a must

. BSEE, CS or other relevant technical degree required.

Desired skills:
. CEH, CISSP, GIAC certification preferred

Contact information:
For immediate and confidential consideration, please send resumes to [email protected].

Written by Virus Bulletin - Jobs

0 Comments

The Latest in IT Security

Penetration Tester

Penetration Tester

Categories

Featured

Archives

Latest Comments

About Us

Contact Us

Posted:	20 September 2012
Company name:	PayPal
Location:	San Jose, CA
	United States
Pay rate:	Open
Travel:	none
Poster represents:	employer
Terms of employment:	Salaried employee
Hours:	full time
Onsite:	yes
Description: Do you have the passion for Penetration/ Security Testing/ Ethical Hacking? Join an elite team in an environment where you have the opportunity to perform vulnerability assessments and penetration testing. This position is for a Security Quality Engineer, Penetration Testing. Automation and API level testing skills are required. As a Senior Quality Engineer, you will partner with Software Developers, Product Managers, Information Security and other Quality Engineers to: Responsibilities: . Perform vulnerability assessments and penetration testing/ethical hacking. . Perform, review and analyze security vulnerability data to identify applicability and false positives. . Research and develop testing tools, techniques, and process improvements. . Create risk based security code reviews (static & dynamic). . Conduct penetration testing in line with Open Web application Security project (OWASP). . Publish reports and test results in line with scanners and test cases to stakeholders. . Organize and execute regression reviews for applications. . Handhold dev teams for vulnerability remediation with sample code snippets. . Analyze product requirements, create security test plans, and perform code reviews. . Mentor junior engineers to build their skills and contribution levels. . Develop and present educational programs and/or workshops. . Write data-driven, white box/APIs and UI test automation. . Design and modify test frameworks as required.
Required skills: . 8+ years professional related experience with 2+ years of Penetration Testing experience . Knowledge of the nature and sources web application and database vulnerabilities, how to identify and exploit them, . Knowledge of the nature and sources network and host application vulnerabilities . Vast knowledge in computer security issues, requirements and trends . Proficiency with Security tools like AppScan, WebInspect,Paros,Cenzic Hailstorm . Programming experience in Java, C++, Perl, or Python. . Ability to document and track defects, as well as produce detailed reports using defect tracking tools . Experience with white-box or gray-box testing . Familiarity with software Product development lifecycles (SDLC/PDLC) . Knowledge of Quality test techniques . Working understanding of database concepts . Agile experience is desired . Have been working in both Unix and Windows environments . Team player, able to dealing with conflict, handling ambiguity and a quick learner . Passion for breaking code and quality . Hands on experience of Penetration Testing is a must . BSEE, CS or other relevant technical degree required.
Desired skills: . CEH, CISSP, GIAC certification preferred
Contact information: For immediate and confidential consideration, please send resumes to [email protected].