Application Penetration testers /Dynamic Application Security Testing (DAST)

Application Penetration Testers / Dynamic Application Security Testing (DAST)

San Francisco CA or New York City, NY or Charlotte NC or Irving TX or Chandler AZ or Minneapolis MN (Hybrid 3-5 days onsite) 12+ Months Web cam Interview $55-$60/Hr on W2

In this contingent resource assignment, you may:

• Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale planning related to Information Security Engineering deliverables.
• Review and analyze moderately complex Information Security Engineering challenges that require an in-depth evaluation of variable factors.
• Contribute to the resolution of moderately complex issues and consult with others to meet Information Security Engineering deliverables while leveraging solid understanding of the function policies procedures and compliance requirements.
• Collaborate with client personnel in Information Security Engineering.

Required Qualifications:

• 4 years of Information Security Engineering experience or equivalent demonstrated through one or a combination of the following: work or consulting experience training military experience education.

Skills:

• Conduct Dynamic Application Security Testing (DAST) through manual testing and by using automated testing tools
• Review test results from tools
• Ensure that DAST tests are completed successfully
• Identify and remove any false positives from automated testing tool reports
• Triage & Disposition results and enforce a Bug Bar
• Verify/validate defect fixes
• Provide application security consulting SME Support to developers
• Assist developers with understanding of security defects and risk
• Assist in defining acceptable solution to fix defects
• Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
• Develop and review malicious use cases/threat models
• Maintain a broad understanding of security technologies and products

Requirements:

• 5 years of information security applications and systems experience
• 3 years of DAST Dynamic Application Security Testing experience
• 3 years of automated information security penetration tools experience
• Penetration testing certification such us GPEN GXPEN GWAPT or OSCP