Job Description

RCI Technologies is looking for several Penn Testers for various projects for the City of New York.

Responsibilities:

• Performs detailed source code reviews of both new and existing application.
• Performs application security assessments.
• Develops application security standards and policy documentation.
• Perform automated and manual run-time assessments.
• Performs automated and manual code review and threat modeling.
• Performs Secure Development Life cycle (SDL) process assessments.
• Educates developers on proper secure coding practices.
• Provides and/or organize appropriate application security training and awareness for technical and non-technical staff.
• Acts as security applications subject matter expert (SME), providing consulting solutions and support to Application Development teams.

Requirements:

7+ years of experience with the following:

• Detection, exploit, and prevention of software vulnerabilities (i.e., SQL Injection, XSS, buffer overflows) as well as emerging platform vulnerabilities (e.g., Flash, AJAX).
• Reviewing source code and assisting developers in closing vulnerabilities.
• Performing active black-box penetration testing against web applications above-and-beyond the use of commercial products or pre-existing scripts.
• Enterprise application development experience in both .NET and Java/J2EEE.
• Secure software development life-cycle.
• Excellent written and verbal communication skills, experienced at communicating with developers as well as technical and non-technical management.
• 4+ years of work experience focused purely on application system and code-level security.

Strong communication and client facing skills are required.
Local candidates preferred!

[email protected]

Job Tags

Similar Jobs