Thursday, January 13, 2011

Security Jobs: Web Application Security Consultant, Telecommute

Web Application Security Consultant

Location: Telecommute or Winston-Salem, NC, Minneapolis, MN or San Francisco, CA

Type: Full Time or Contract’s Application Security focused partner is interested in expanding their Security Team to address a growing volume of work. They have multiple positions for application vulnerability assessments, penetration testing, and source code analysis. Candidates must be well versed in performing assessments and testing coupled with researching exploits and vulnerabilities, reading security community sites and blogs, and experimenting with and writing exploits. The candidate should be a self-starter who is highly motivated and willing to learn a constantly evolving skill set.

Required Skills/Experience:

• Strong understanding of application security.

• At least 2 years of experience performing penetration testing of web applications and their associated platforms (e.g., J2EE, .Net, Apache, IIS, Websphere, etc.).

• Possess an in-depth understanding of source code review methodologies and best practices.

• Excellent verbal and writing skills are a must as well as the ability to write clear and concise assessment reports.

• Experience with various code review tools, including Fortify.

• Software development experience with scripting languages such as PERL and Python. C++, C#, .Net, ActiveX and Java programming experience is desirable.

Preferred Education/Certification:

• Bachelor's degree in related field or equivalent and 4+ years of related experience. 2-3 working in the cyber security field.

• CISSP is not required, although it is a plus.

Location: open- combination of travel to client site and telecommuting

Compensation: $110,000-$120,000 plus benefits for Full Time hire's Security Recruiter Blog