CR286-WEB APPLICATION PENETRATION TESTER
Share
Job Location:
Pleasanton, CA - USA
Monthly Salary:
Not Disclosed
Posted on:
2 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Summary Web Application Penetration Tester
- Lead manual penetration testing of in-house developed web application (CARE) to discover security vulnerabilities and propose remediations.
- Conduct detailed penetration tests using common frameworks such as OWASP to identify and exploit vulnerabilities.
- Document findings report vulnerabilities and provide solutions to the development team.
- Collaborate closely with development team to verify and implement remediations.
- Develop and maintain automation scripts to re-run security tests ensuring new vulnerabilities are detected before deployment.
- Mentor and train development team on secure coding practices and web application security (including OWASP Top 10).
- Serve as subject matter expert on web application security providing guidance and expertise to internal teams.
- Participate in code reviews and provide feedback to ensure security standards are met.
- Work collaboratively with cross-functional teams (Business QA Operations) to scope and draft functional requirements.
- Assist business users in creating test cases use cases and perform functional testing.
- Provide timely and effective reporting on the status of projects and remediation efforts.
- Ensure all project documentation and IT requirements are completed and maintained as per internal standards.
- Participate in and contribute to training and mentoring plans for State Fund employees focusing on security skills enhancement.
- Communicate effectively with users at all levels and present technical solutions to both technical and non-technical audiences.
- Demonstrate strong knowledge of Java Spring Oracle Linux and Windows in the context of secure application development and testing.
- Manage all aspects of the penetration testing and support functions including planning execution and reporting.
- Lead manual penetration testing of in-house developed web application (CARE) to discover security vulnerabilities and propose remediations.
- Conduct detailed penetration tests using common frameworks such as OWASP to identify and exploit vulnerabilities.
- Document findings report vulnerabilities and provide solutions to the development team.
- Collaborate closely with development team to verify and implement remediations.
- Develop and maintain automation scripts to re-run security tests ensuring new vulnerabilities are detected before deployment.
- Mentor and train development team on secure coding practices and web application security (including OWASP Top 10).
- Serve as subject matter expert on web application security providing guidance and expertise to internal teams.
- Participate in code reviews and provide feedback to ensure security standards are met.
- Work collaboratively with cross-functional teams (Business QA Operations) to scope and draft functional requirements.
- Assist business users in creating test cases use cases and perform functional testing.
- Provide timely and effective reporting on the status of projects and remediation efforts.
- Ensure all project documentation and IT requirements are completed and maintained as per internal standards.
- Participate in and contribute to training and mentoring plans for State Fund employees focusing on security skills enhancement.
- Communicate effectively with users at all levels and present technical solutions to both technical and non-technical audiences.
- Demonstrate strong knowledge of Java Spring Oracle Linux and Windows in the context of secure application development and testing.
- Manage all aspects of the penetration testing and support functions including planning execution and reporting.
Key Skills
- Asset
- Front Desk
- Banking & Finance
- Jboss
- Accident Investigation
- Chemistry
