Location: Remote-USA
Duration: Long-Term Contract
Job Description:
The Senior Security Controls Verification Specialist is responsible for assisting the Lead for the Security Controls Verification team in helping to define the strategic approaches used by the team to support how we develop our differing approaches to the methodologies used for security & risk controls requirements validations and automated testing. This role will assist in helping to perform hands-on penetration testing and security testing against applications, networks, and wireless environments. This role is a senior practitioner with extensive experience in security testing and will also involve helping the creation of scripts and automated security tests. The ideal candidate is passionate about breaking into any system or application, consistently working to improve the security of the products tested during engagements.
Responsibilities:
- Perform offensive security testing of applications, both manual and automated.
- Perform network security testing for networks, infrastructure, and servers.
- Guides the strategy, approach and development of robust security & risk Controls Verification techniques and capabilities, which will be aligned to our controls requirements frameworks and objectives defined by the Security & Threat Solutions Strategy team.
- Provide remediation guidance to the impacted solution or network owners.
- Support the risk assessment processes by weighing in as technical security SMEs.
Qualifications:
- 5+ years of experience penetration testing applications
- 3+ years penetration testing networks
- Strong capabilities in identifying and exploiting web vulnerabilities, especially the OWASP top 10
- Scripting experience in Bash, Java, .Net, Python or Ruby
- Experience finding vulnerabilities in both off-the-shelf and open-source components
- Experience testing web applications & thick applications
- Strong understanding of network protocols, routing, firewalls, and network security technologies.
- Experience in exploitation, Firewall bypasses, antivirus evasion
- Ability to communicate with stakeholders at multiple levels, including remediation for vulnerabilities identified.
- Ability to write clear reports on solutions or networks tested
- Secure code review experience is preferred
- OSCP/OSWE preferred
- Experience with secure development and security features required by cloud infrastructure is preferred
- Clear understanding of the challenges offered by information security, privacy, and compliance
- Strong working knowledge of structured security guidelines Generic Skills:
- Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations
- Works well under pressure and within time/budget constraints to solve problems or meet objectives - Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
- Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change
InterSources Inc, a Certified Diverse Corporation, was founded in 2007, to offer innovative solutions to help clients with Digital Transformations across various domains and industries. Our history spans over 14 years and today we are an Award-Winning Global Software Consultancy solving complex problems with technology. We recognize that our Employees, Vendor and our Clients are our strengths as the diverse talents and opportunities they bring to the table enable us to grow as a global platform and they are causally linked with our success.
We provide strategic and technical advice, and we have expertise in areas covering Artificial Intelligence, Cloud Migration, Custom Software Development, Data Analytics Infrastructure & Cloud Solutions, Cyber Security Services, etc.
We make reasonable accommodations for clients and employees and we do not discriminate based on any protected attribute including race, religion, color, national origin, gender sexual orientation, gender identity, age, marital status.
We also are a Google Cloud partner company. We align strategy with execution and provide secure service solutions by developing and using the latest technologies that thrive our resources to deliver industry-leading capabilities to our clients and customers, making it convenient for our clients to do business with InterSources Inc. Our teams also drive growth by refining technology-driven client experiences that put the users first, providing an unparalleled experience. This results in strengthening the core technologies of clients, enabling them to scale with flexibility, create seamless digital experiences and build lifelong relationships.