Application Penetration Test Analyst In Dallas, Tx For Fulltime/Permanent Role

Overview

We are looking for Application Penetration Test Analystin Dallas, TX Location, Are you available for this position in Dallas, TX Location? Will you relocate to this location for Fulltime/Permanent Role? Are you available for short/quick discussion over Call ?

Position :: Application Penetration Test Analyst

Location :: Dallas, TX

Fulltime/Permanent Role

Application Penetration Test Analyst

• The Application Penetration Test Analyst is responsible for the security testing and risk analysis of DTCC's software applications using various application security tools. Interaction with DTCC software developers to provide guidance, best practices and technical assistance in remediating software application security issues will be part of the responsibilities. The individual should possess strong application software expertise, along with excellent communication, and organizational skills.

Qualifications

Must have

• • Minimum of 5 years of software application penetration testing experience
  • Expert on using Web Penetration Testing tools such as Burp Suite and WebInspect
  • CEH - Certified Ethical Hacker Certification
  • CISSP - Certified Information Systems Security Professional
  • Bachelor's degree
  • Experience in Static & Dynamic Code Analysis, OSS Reviews

Good to have 

• • Knowledge of Web Application Firewalls, Runtime Application Self-Protection (RASP) and Reverse Proxies
  • Knowledge with public/hybrid clouds & cloud technologies utilizing Amazon Web Services (AWS) and applying that to application security tools/functions
  • Ability to explain vulnerabilities and weaknesses in OWASP Top 10, WASC TCv2, and CWE 25 to any audience, and discuss effective defensive techniques
  • Knowledge in Web Programming languages and Python development environments
  • Knowledge in standard application development/management tools such as Jenkins, Git, Puppet, Chef, or Docker
  • Scripting skills in Python or PowerShell is highly desirable
  • A SANS, CISSP, OSCP, AWS Solutions, or Architect certification is preferred

Duties

• • Perform Software Application Penetration Testing.
  • Prepare vulnerability report that details finding, vulnerabilities, and test procedure.
  • Explain application risks that have been identified during pen test to the software developers.     
  • Improve and maintain secure development standards and manage application security framework improvement projects
  • Integrate security tools, standards and processes into the Software Development Life Cycle (SDLC) for both on-premises & cloud deployed applications
  • Maintain documentation related to Application Security including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
  • Build a very close working relationship with DevSecOps and application development teams
  • Improve application security tool stack including static analysis, runtime testing tools, RASP, integrating the tools in CI-CD and Reporting
  • Work with our Threat Risk Management team and Development teams to develop application security requirements, security guidance, security architecture and technology solutions to address the existing and emerging application security issues for both on-prem and cloud deployed apps (agile and waterfall)

Flexon Technologies is a leading end-to-end technology solutions provider to IT and Non-IT industry. We specialize in providing "Total Solutions" encompassing technology and services combined with unparalleled domain knowledge that gives our clients a distinct advantage.

We offer integrated business solutions, enabling clients to optimize their business with greater efficiency, and increased responsiveness. Our offerings are designed to cater to the entire range of clients' technology needs. We deliver end-to-end solutions that can build, manage and support our customers' IT systems across the entire value chain infrastructure, applications and business processes. The range of our offerings extends to software (including systems and application software development, implementation, maintenance and frameworks), IT architecture, network consulting, Staffing etc. These technology offerings backed by the domain solutions and knowledge to ensure maximum business alignment, allowing you to derive maximum benefits out of the IT investments.

Benefits that Make a Difference:

• • Medical, Dental and Vision plan options
  • 401(k)
  • Life Insurance
  • Flexible Spending Account (FSA)
  • Commuter Benefit Program.