Location
Wilmington, NC | United States
Job description
Qualifications:
- Possesses a deep understanding of web application security principles.
- Familiarity with OWASP Top 10 vulnerabilities and experience addressing them.
- Proficient in reading and comprehending code in various programming languages.
- Experience not only executing DAST/SAST scans but also capable of triaging and assisting development teams in resolving issues.
- Proficiency in penetration testing and familiarity with tools like BurpSuite.
Bonus Skills:
- Familiarity with cloud computing platforms.
- Experience with IAST.
- Background in software development preferably in Java transitioning into security roles.
Required Skills:
- Strong expertise in Application Security (AppSec) including:
- Manual source code review.
- Analyzing DAST/SAST scan results particularly with tools like AppScan Netsparker and Checkmarx.
- Application penetration testing ideally utilizing BurpSuite.
- Ability to comprehend code effectively.
- Thorough understanding of Web Application and Web Service architectures along with associated protocols.
- Demonstrated commitment to a career in Security through relevant roles and credentials.
Highly Desirable Skills:
- Solid understanding of Java and proficiency in Core Java with familiarity in frameworks such as Spring and Hibernate.
- Proficiency in Python with development experience.
- Experience with Capture the Flag (CTF) or red team exercises.
- Knowledge and experience with Web Application Firewalls (WAF).
- AWS development skills or strong understanding of AWS Security.
- Relevant credentials such as Masters in Cybersecurity OSCP CEH CCSP AWS Certified Solutions Architect or AWS Certified Security Specialty (Associate or Professional).
OWASP,Pen testing,AppSec,DAST/SAST,BurpSuite,Checkmarx,Netsparker,AppScan
Job tags
Salary