Apex Systems has a great new opportunity with a financial institution as a Penetration Tester. This is a contract position and will be providing application pen testing for annual tests, new applications, and major upgrades to existing applications. If interested send your resume to Jeremy at Location: Remote Duration: 6 month contract Position: Application Penetration TesterPrimary Responsibilities
- Conduct penetration tests and vulnerability assessments against a wide array of applications, technologies and platforms
- Understand, review, and interpret vulnerability assessment and scanning results, reduce false positive findings, and act as security advisor to business unit partners.
- Create detailed risk assessment reports which explain identified technical and logical security findings, describe potential business risks, and present prioritized recommendations.
- Contribute to the ongoing enhancement of the company's security assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables.
- Collaborate and share knowledge with team members via formal and informal methods on a regular basis.
- Familiarity with Metasploit, Contrast, AppSpider, Burp Suite, ZAP, and PumaScan.
- Scripting with Python, Ruby, PowerShell, BASH, or similar languages
- An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, spidering, application flow charting, and session analysis.
- Strong technical skills related to at least one of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security.
- Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or OWASP Risk Rating Methodology.
- Familiarity with automated tools used to find system and web application vulnerabilities such as Nmap, Nexpose, Nessus, WebInspect, or Fortify.