Hello Partners,
Hope you all doing good
I m Sourabh from VBeyond Corporation and here we have Application Security role in Goodlettsville TN please let me know if you have anyone relevant for the job, kindly share resumes to saurabhm@vbeyond.com or call me at 9088540421
Role : Application Security
Location : Goodlettsville, TN
Duration : Long Term
Responsibilities:
· Conduct security testing of web/mobile applications and web services/APIs, including source code security analysis (SAST) and dynamic (DAST) testing using a combination of commercial, open-source tools, and manual testing methods
· Perform security reviews of network infrastructure and endpoints hosted within the internal network as well as SaaS environments
· Adhere to best practice frameworks (e.g. OWASP)
· Use threat modelling tools to explore potential application, network, and infrastructure security-related threats
· Deliver timely and accurate security testing results to both technical and non-technical audiences
· Track and follow-up on remediation of identified security risks
· Act as liaison between application security teams, development teams, business units and vendors
· Provide subject matter expertise in security best practices and standards to ensure compliance with company security standards.
· Work closely with business units to determine work estimates and scope
· Propose and implement ideas to enhance and automate security-related processes
· Stay current on emerging technologies, products, and trends related to security solutions and testing techniques
Technical Qualifications:
· 3-5 Years Combined Experience in 2 or More of the Following:
· Web Application Security Testing
· Mobile Application Security Testing
· API Security Testing
· Network Penetration Testing
· Source Code Security Analysis
Strong, Hands-on Experience with Security Testing Tools such as:
· DAST (e.g. Fortify WebInspect, Fortify WebInspect Enterprise, IBM AppScan)
· SAST (e.g. Fortify SCA, Checkmarx CxSAST)
· Development Collaboration Platforms (e.g. Fortify SSC, Gitlab, Jira)
· Web Proxy Tools (e.g. BurpSuite Professional / BurpSuite Enterprise, OWASP ZAP)
· Open-Source Testing Tools (e.g. Nmap, OpenSSL, Metasploit, SQLMap)
Understanding of Network/Server Technologies such as:
· Firewalls (Network, Host, and Web Application)
· Cloud Hosting
· Containerization
· DNS, Routing, and other Common Networking Principles
· Directory Services / Active Directory
· Web Server Platforms (IIS / Tomcat)
· API / Web Services
· PKI / Web Certificates
· Familiarity with Compiled/Scripting Languages (e.g. C#, JavaScript, Python, Java, Swift, Kotlin)
Additional Qualifications
· Strong, effective written and oral communications skills
· Ability to clearly communicate pragmatic security risk and remediation recommendations to technical (e.g. developers) and non-technical audiences
· Ability to work independently with minimal supervision
Preferred:
· College degree in relevant fields or equivalent professional experience
· Software development background
· Active certification preferred (e.g. OSCP, OSWE, CSSLP, CISSP)
Thanks,
Saurabh Mishra | VBeyond Corporation
Direct Number 908-854-0421
Note: VBeyond is fully committed to Diversity and Equal Employment Opportunity.
