Job Details

Home

Hiring - Senior Security and Vulnerability Tester (Liferay Portal) - Austin, TX at Austin, Texas, USA

Email: [email protected]

Role: Senior Security and Vulnerability Tester (Liferay Portal)

Location: Austin, TX

Below are five Key Testing skills needed for this role. Please prioritize this

Vulnerability Scanning

Penetration Testing (Pen Testing)

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

API Security Testing

Job Description:
Senior Security and Vulnerability Tester (Liferay Portal)

Job Summary:

We are seeking an experienced Senior Security and Vulnerability Tester specializing in Liferay Portal to join our team. The ideal candidate will be responsible for ensuring the security of our Liferay Portal through rigorous security testing, vulnerability assessments, and penetration testing. This role requires deep knowledge of application security, vulnerability scanning, and the ability to identify, analyze, and mitigate security risks in a Liferay-based environment.

Key Responsibilities:

Vulnerability Scanning
:

Conduct regular vulnerability scans using tools like Nessus, Insight VM and Qualys to identify security flaws in Liferay and its supporting infrastructure.

Analyze scan results and collaborate with development teams to patch and resolve identified vulnerabilities.

Penetration Testing
:

Perform comprehensive penetration testing on the Liferay Portal to uncover vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).

Utilize tools such as Burp Suite, Metasploit, and OWASP ZAP to simulate real-world attacks and assess system resilience.

Static Application Security Testing (SAST)
:

Review the source code of Liferay components and custom modules using tools like SonarQube, Checkmarx, and Fortify to identify insecure coding practices.

Provide recommendations for improving code security and conduct regular audits of newly developed code.

Dynamic Application Security Testing (DAST)
:

Perform dynamic application security testing to identify runtime vulnerabilities in the Liferay Portal using tools like OWASP ZAP, Netsparker, or Acunetix.

Validate the effectiveness of security controls in real-time and recommend remediation strategies.

API Security Testing
:

Assess the security of APIs integrated with the Liferay Portal for authentication, authorization, and data exposure vulnerabilities.

Use tools like Postman, Burp Suite, or OWASP API Security Testing Guide to evaluate API endpoints for common vulnerabilities such as broken authentication and insecure direct

object references
.

Configuration Auditing
:

Perform security configuration audits of the Liferay portal and server environment, ensuring compliance with industry best practices (SSL/TLS, role-based access control, etc.).

Identify and mitigate security misconfigurations that could expose the portal to potential attacks.

Cross-Site Scripting (XSS) and Injection Testing
:

Perform specialized testing to detect XSS, SQL Injection, and other injection vulnerabilities in the portal.

Work closely with development teams to ensure proper input validation and security mechanisms are in place.

Required Skills and Experience:

5+ years
of experience in application security testing, including vulnerability assessments and penetration testing.

Hands-on experience with Liferay Portal security testing.

Proficiency in vulnerability scanning tools such as Nessus, OpenVAS, or Qualys.

Strong knowledge of Penetration Testing tools like Burp Suite, OWASP ZAP, Metasploit, and Kali Linux.

Expertise in Static Application Security Testing (SAST) using tools like SonarQube, Fortify, or Checkmarx.

Familiarity with security configuration best practices (SSL/TLS, RBAC, database security).

Proven experience in detecting and mitigating Cross-Site Scripting (XSS), SQL Injection, and other common web vulnerabilities.

Understanding of OWASP Top 10 vulnerabilities and how to prevent them.

Strong problem-solving skills and attention to detail.

Preferred Qualifications:

Experience with cloud-based environments (AWS, Azure) and container security.

Familiarity with DevSecOps practices and tools for integrating security into the SDLC.

--

Keywords: information technology wtwo Texas
Hiring - Senior Security and Vulnerability Tester (Liferay Portal) - Austin, TX
[email protected]

[email protected]
View all

Fri Oct 25 22:54:00 UTC 2024

To remove this job post send "job_kill 1879914" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.

Your reply to [email protected] -

To

Subject
Message -

usac2creqs2023@gmail.com wrote:
Role: Senior Security and Vulnerability Tester (Liferay Portal)

Location: Austin, TX

Below are five Key Testing skills needed for this role. Please prioritize this

Vulnerability Scanning

Penetration Testing (Pen Testing)

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

API Security Testing

Job Description:
 Senior Security and Vulnerability Tester (Liferay Portal)

Job Summary:

We are seeking an experienced Senior Security and Vulnerability Tester specializing in Liferay Portal to join our team. The ideal candidate will be responsible for ensuring the security of our Liferay Portal through rigorous security testing, vulnerability assessments, and penetration testing. This role requires deep knowledge of application security, vulnerability scanning, and the ability to identify, analyze, and mitigate security risks in a Liferay-based environment.

Key Responsibilities:

Vulnerability Scanning
:

Conduct regular vulnerability scans using tools like Nessus, Insight VM and Qualys to identify security flaws in Liferay and its supporting infrastructure.

Analyze scan results and collaborate with development teams to patch and resolve identified vulnerabilities.

Penetration Testing
:

Perform comprehensive penetration testing on the Liferay Portal to uncover vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).

Utilize tools such as Burp Suite, Metasploit, and OWASP ZAP to simulate real-world attacks and assess system resilience.

Static Application Security Testing (SAST)
:

Review the source code of Liferay components and custom modules using tools like SonarQube, Checkmarx, and Fortify to identify insecure coding practices.

Provide recommendations for improving code security and conduct regular audits of newly developed code.

Dynamic Application Security Testing (DAST)
:

Perform dynamic application security testing to identify runtime vulnerabilities in the Liferay Portal using tools like OWASP ZAP, Netsparker, or Acunetix.

Validate the effectiveness of security controls in real-time and recommend remediation strategies.

API Security Testing
:

Assess the security of APIs integrated with the Liferay Portal for authentication, authorization, and data exposure vulnerabilities.

Use tools like Postman, Burp Suite, or OWASP API Security Testing Guide to evaluate API endpoints for common vulnerabilities such as broken authentication and insecure direct

object references
.

Configuration Auditing
:

Perform security configuration audits of the Liferay portal and server environment, ensuring compliance with industry best practices (SSL/TLS, role-based access control, etc.).

Identify and mitigate security misconfigurations that could expose the portal to potential attacks.

Cross-Site Scripting (XSS) and Injection Testing
:

Perform specialized testing to detect XSS, SQL Injection, and other injection vulnerabilities in the portal.

Work closely with development teams to ensure proper input validation and security mechanisms are in place.

Required Skills and Experience:

5+ years
 of experience in application security testing, including vulnerability assessments and penetration testing.

Hands-on experience with Liferay Portal security testing.

Proficiency in vulnerability scanning tools such as Nessus, OpenVAS, or Qualys.

Strong knowledge of Penetration Testing tools like Burp Suite, OWASP ZAP, Metasploit, and Kali Linux.

Expertise in Static Application Security Testing (SAST) using tools like SonarQube, Fortify, or Checkmarx.

Familiarity with security configuration best practices (SSL/TLS, RBAC, database security).

Proven experience in detecting and mitigating Cross-Site Scripting (XSS), SQL Injection, and other common web vulnerabilities.

Understanding of OWASP Top 10 vulnerabilities and how to prevent them.

Strong problem-solving skills and attention to detail.

Preferred Qualifications:

Experience with cloud-based environments (AWS, Azure) and container security.

Familiarity with DevSecOps practices and tools for integrating security into the SDLC.

Keywords: information technology wtwo Texas 
Hiring - Senior Security and Vulnerability Tester (Liferay Portal) - Austin, TX
usac2creqs2023@gmail.com

Your email id:

Captcha Image:

Captcha Code:

Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 11

Location: Austin, Texas