110695 — Vulnerability & Penetration Test Engineering Job in Houston, Texas US
LyondellBasell - Lyondell Chemical Company
About the Job
- Perform application scanning and review using analysis tools.
- Validate automated testing results and prioritize remediation based on overall risk and verify findings as needed via manual testing on applications.
- Perform manual analysis of applications for security vulnerabilities.
- Create a company standard formal security assessment reporting format; write and track assessments for each application assessed.
- Retest security vulnerabilities that have been fixed and republishing reports to indicate the results of retesting.
- Identify protection goals, objectives and metrics consistent with corporate strategic plan.
- Ensure daily activities are aligned with corporate goals.
- Responsible for providing guidance to application and infrastructure teams during solution evaluation, selection and implementation, providing decisions at critical checkpoints.
- Coordinate with advance technology team(s) in security technology and product identification and research to provide guidance and advocacy regarding prioritization of infrastructure investments that impact security.
- Participate closely in developing global security policy, standards, guidelines and procedures. Information protection responsibilities will include network security architecture, network access and monitoring policies.
- Produce timely and accurate information to management.
- Work with outside consultants as appropriate for independent security audits.
- Five+ years of progressive experience in computing and information security, including experience with Internet technology and security issues.
- Internet commerce or corporate information security experience preferred.
- CISSP or other security certification/accreditation desirable.
- Experience performing manual web application security testing and exploit experience above and beyond running automated tools.
- Development and/or source code review experience in C/C++, C#, VB.NET, or Java.
- Experience using vulnerability testing tools.
- Knowledge of the HTTP, SSH, SSL protocols and how they work.
- Knowledge of software runtime analysis, debugging, and security testing techniques, security auditing practices, and underlying software defects that routinely result in security vulnerabilities (e.g., input validation errors).
- Understanding of intruder techniques and software exploitation methods.
- Working understanding of system, database, and/or network administration, operational details of multiple operating systems, and cryptographic principles and common cryptographic protocols.
- Recognize and deal appropriately with confidential and sensitive information.
- Must have a solid understanding of information technology and information security.
LyondellBasell is one of the world's largest plastics, chemical and refining companies. The company manufactures products at 59 sites in 18 countries. LyondellBasell products and technologies are used to make items that improve the quality of life for people around the world including packaging, electronics, automotive parts, home furnishings, construction materials and biofuels. More information about LyondellBasell can be found at www.lyondellbasell.com.
- Excellent verbal and written communication.
- Excellent interpersonal skills and ability to create collaborative relationships with colleagues.
- Working knowledge of a broad range of relevant platforms (Cisco, Windows, SAP, MS-SQL) and Internetworking technologies desirable.
- Willingness to do hands-on, highly technical work.
- Strong customer focus.
- Experience with web application firewalls and filters.
- Must be self-motivated and a strong technical leader in the analysis, coordination, and remediation of software vulnerabilities.
- Regular focus on latest industry techniques, tools and research.
April 26, 2008
• Tags: 110695 — Vulnerability & Penetration Test Engineering Job in Houston, Texas Us • Posted in: General