| High Priority-IT Security Analyst I (Penetration testing)-Detroit, MI, 48226 at Detroit, Michigan, USA |
| Email: [email protected] |
| From: Eswar Ulluri, TekWissen_LLC [email protected] Reply to: [email protected] Overview: TekWissen Group is a workforce management provider throughout the USA and many other countries in the world. Our client is a health insurance company. It offers different types of health care coverage plans that include individual and family, dental and vision, plans for employers, etc. Title: IT Security Analyst I Work Location: Detroit, MI, 48226 Duration: 12 Months Job Type: Contract Work Type: Hybrid Dept: EIS Purchased Services Pay Rate: $35-$35/hr. Engagement Description: We are seeking a highly skilled and experienced Penetration Tester to join our team. Our goal is to stand up a formal process to periodically scan, detect, prioritize, and report on the security posture and health of client publicly accessible web applications and websites, by checking for known vulnerabilities and weak configurations. The ideal candidate will have a strong background in cyber security, with expertise in performing penetration testing and vulnerability assessments. As a Penetration Tester, you will play a crucial role in establishing a cycle of scanning, reporting, and remediation to include client application and website stakeholders as part of our regularly scheduled Threat and Vulnerability Management process. Top 3 Required Skills/Experience Enterprise application penetration testing, with a strong understanding of OWASP Top 10 and CWE Top 25 vulnerabilities (e.g., XXE, XXS, SQLi). Manual penetration testing of Network & Web applications, and Web Services penetration testing (RESTful and SOAP). Familiarity with Web Authentication protocols (e.g., OAuth2, SAML, LDAP) Familiarity with Tenable Web Application Module, Acunetix and Synopsis Required Skills/Experience The rest of the required skills/experience. Include: 3-5 years of experience in Penetration Testing, with a focus on dynamic web applications. Experience in development and/or code auditing is strongly preferred. Hands-on experience manually testing web applications and APIs, with a background in web application development and code auditing. Proficiency in AWS, Cloud Audit, Serverless, Microservice Architecture, and scripting languages (e.g. Java). Working knowledge of basic networking concepts, application architecture, and AWS services. Excellent verbal and written communication skills. Ability to exploit recognized vulnerabilities and discover new vulnerabilities. Hands-on experience with both white box and black box testing Good to have CEH, OSCP or any security vendor certification would be preferred. Preferred Skills/Experience Optional but preferred skills/experience. Include: Experience in testing business critical environments. Real-time traffic analysis, network IDS and packet dissection. Solid understanding of information security and applied cryptographic protocols. Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols etc. Good to understand tools and technologies for performing Penetration Testing. Education/Certifications Include: Preferred, but not required: CISSP CEH (Certified Ethical Hacker). Keywords: information technology Michigan |
| [email protected] View all |
| Wed Dec 06 23:13:00 UTC 2023 |