Back to search results

Ethical Hacking Analyst

Addison, Texas;

Job Description:

The Ethical Hacking Analyst will join a dynamic team of world class security experts to conduct application security assessments and penetration testing of our internal/external web applications, leveraging both manual techniques as well as automated tools in order to identify and report security vulnerabilities that may exist.
Successful candidate will be knowledgeable with business risks associated to common security vulnerabilities and be able to effectively communicate security vulnerabilities across a broad spectrum audience ranging from application developers to business managers with limited experience in application security.

Required Skills:
• BS/MS in Computer Science (or equivalent work experience)
• Persistent sense of technical curiosity how applications work and a demonstrated ability to think through process bypasses
• Experience conducting vulnerability assessments, secure code reviews and penetration testing against web application technologies
• Knowledge of web and network related protocols/technologies
• Ability to demonstrate manual web application testing experience
• Desire to learn and an aptitude for executing critical thinking in a variety of situations
• Excellent organizational skills
• Ability to communicate efficiently and simplify complex IT scenarios

Desired Skills:
• Ability to work independently in a large scale enterprise environment
• Professional experience working in an application security role within a large financial institution
• Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burpsuite Pro, etc.)
• Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, etc.)
• Experience in the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; single sign-on technologies; exploit automation platforms
• One or more of the following certifications: CISSP, GWAPT, GPEN, CEH, OSCP

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-20038271

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

Referral Bonus: