Application Security Consultant Job in Burlington, Massachusetts Us
Key Responsibilities:
As a penetration tester on our team, you will:
Perform application penetration testing, vulnerability assessments and application source code review against custom built software applications on Internet-facing and native systems
Identify and exploit vulnerabilities in applications
Document technical issues identified during security assessments utilizing standard CWE and CVSS classifications
Research emerging security topics and new attack vectors
Work independently to meet customer and project deadlines
Interact with customers in a collaborative consultative manor to deliver results, provide feedback and remediation recommendations on penetration testing findings.
Leverage automated analysis techniques for efficient delivery of focused and comprehensive test formats.
Required Knowledge/Skills/Abilities - All Applicants:
2+ years of Professional Web-Application Development or Source Code Review Experience
Development experience with multi-tiered Internet applications
Understands web architecture and protocols (HTTP(S), TCP/IP, ARP, SMTP, DNS, etc)
Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, and Java
Understands of how data flows through an application and connected components (SMTP, LDAP, Database servers)
Understanding of common software security issues and remediation techniques (OWASP top 10, SANS top 25, etc)
Familiar with common Windows commands and scripting
Familiarity with general application and network security concepts
Strong technical writing skills
Excellent teaming and communication skills
Senior Level Applicants:
All of the above Plus
5+ years of penetration testing in a consulting environment
3+ years of source code review in a consulting environment
Familiar with OWASP Top 10 and CWE/SANS Top 25 classification systems
Apply Online
