
Lead Penetration Tester

Genesis10

This is a Full-time position in Wilmington, DE posted May 6, 2021.

Genesis10 is seeking a Lead Penetration Tester for a direct hire position with our client located in Wilmington, DE.

Responsibilities

The information security analyst will work as an integral component of the company’s Application Security team. The incumbent will focus on application penetration tests, automated ethical hacking, and static source code analysis within the SDLC. The candidate will be accountable for establishing consensus with stakeholders to reduce cyber risks while minimizing broader operational impact.

- Drive development of a holistic application security program
- Conduct manual ethical hack assessments of high risk web applications
- Rate the severity of defects and publish comprehensive reports detailing associated risks and mitigations
- Support broader vulnerability management processes to measure exploitability of vulnerabilities more precisely
- Reduce the cost of vulnerability remediation by identifying defects early within the development lifecycle
- Good understanding of security processes, procedures, tools
- Capable of performing security reviews of general purpose operating systems and network devices
- Ability to work in teams to improve security posture
- Clearly organize work load to be able to project manage remediation activities

Qualifications

- 10+ years of Vulnerability Management, Application Security, Penetration Testing and Red Teaming experience
- Bachelor’s Degree with 3-5 years’ experience in application security leading teams
- Proven understanding of OWASP top 10 vulnerabilities
- Ability to document vulnerabilities found within home brew applications
- Set up demonstration meetings with developers to understand the flow of applications
- Set up remediation meetings and tracking before applications go into production
- Integrate developers with the SDLC process utilizing dynamic and static code review processes
- Strong coding background with the ability to write scripts when needed
- Granular knowledge of HTTP request building/fuzzing and the ability to analyze in a local proxy
- Strong understanding of XML, SOAP, and AJAX
- Good grasp on popular CMS frameworks and best practices
- Proficiency in Linux (Kali) and the Metasploit framework and with common Kali standard tools such as nikto, dirbuster, sqlmap, nmap, etc.
- Knowledge of defect tracking tools such as Jira
- Security+, CISA, GSEC or similar certification considered; however, not required

Key Accountabilities

- Execute vulnerability scans
- Assist Stakeholders with the interpretation of their vulnerability scan results
- Involvement in penetration testing and red-team exercises if applicable
- Analyze penetration testing results
- Work with metrics to help analyze and prioritize vulnerabilities for remediation
- Track remediation work consistently in order to evidence improvements to program and closure of vulnerabilities
- Work on process and procedure to create repeatable and consistent processes and documentation around management of vulnerabilities
- Assist in operational projects and tasks
- Participate in the ongoing improvement of the scanning and vulnerability remediation processes
- Providing remediation support on any potential findings
- Travel expected – minimal
- Strong written and oral communication skills in order to define business and technical parameters and lead team to meet business requirements
- Excellent organizational and project management skills
- Considers the business implications of the application of technology to the current business environment
- Solid working knowledge of standard features and functions of multiple applications/modules to field, analyze and resolve customer issues/problems
- Identifies problems, researches alternatives, prepares presentations, drives solutions, tests to confirm, gains consensus, and implements solutions for multiple applications within multiple functions
- Proven ability to work well in a deadline-oriented environment
- Hands-on mentality, very good analytical capabilities with diligent work attitude
- In-depth knowledge and experience with triage and investigation of vulnerability data
- Excellent analytical skills
- Bachelor’s degree in computer science or related field
- Strong knowledge of Unix, LINUX and Windows operating environments, Oracle database and SQL Server
- Proven stakeholder management at technical and executive levels is a must
- Proven ability to execute and deliver in a complex environment with grace
- Ability to work with regulatory, legal and security best practices including General Data Privacy Regulation (GDPR), NYS Client 23 NYCRR Part 500, Sarbanes-Oxley (SOX), ISO 27001/27002
- Knowledge of program and project management experience a strong benefit
- Proven ability to prioritize work load, work effectively on concurrent tasks, and be able to meet project deadlines
- Insurance and/or financial experience is desired, preferably within the commercial property and casualty lines
- Strong computer skills, including Microsoft Word and Excel
- Strong technical and analytic aptitude
- Ability and willingness to learn quickly
- Excellent organizational and planning skills

Soft skills

- Highly organized and detail oriented, able to function under pressure, troubleshoot, emplace structure where necessary and prioritize between competing activities
- Approachable and outgoing with excellent verbal and written communication skills
- Takes ownership and maintains accountability
- Proven self-starter with energy, passion and drive
- This role will suit a candidate with experience working for smaller organizations where they have been highly visible to the business and where initiative and pro-activity are key
- Emotional intelligence and ability to get on with people and to get the best from them

If you have the described qualifications and are interested in this exciting opportunity, apply today!

About Genesis10

Genesis10 is a leading U.S. business and technology consulting firm with hundreds of clients needing proven talent and solutions to power their strategic initiatives. If you are a high performing business or IT professional with solid, referenced experience, we want to meet you. Genesis10 recruiters and delivery professionals are highly accomplished career advocates, who get to know you beyond your resume to position you with the opportunities that fit your skills, experience and aspirations. We have benefit options to fit your needs and a support staff that works with you from placement throughout your engagement project after project. To learn more about Genesis10 and to view all our available career opportunities, please visit us at www.genesis10.com “Genesis10 is an Equal Opportunity Employer, M/F/D/V
