This job ad has been posted over 30 days ago...



Senior Ethical Hacker / Web Application Penetration Tester Full-time

at Antal international in Banglore (Published at 07-10-2014)

Job Description:
The Senior Ethical Hacker / Web Application Penetration Tester will be working individually and in teams mostly in a virtual capacity. This individual will be performing penetration testing or vulnerability assessment of web application, network, wireless, code review and firewall on multi-protocol enterprise systems.
Desired Skills and Experience
Job Requirements:
Consulting Skills:
• Independence: self-managed and motivated
• Team-oriented
• Project Management: Takes responsibility for satisfaction of client assigned project
• Public speaking
• Technical writing and vulnerability research
• Scoping of client’s testing effort
Technical Skills:
• Strong web application penetration testing experience is a requirement
• Experience in vulnerability identification and remediation is a requirement
• Knowledge of the software development lifecycle in a large enterprise environment
• Experience with performing code review, wireless and firewall assessments are a plus
• Solid network penetration testing experience is a plus
• Programming background (C++, Perl, Python, Shell ) for tool and exploit development
• Technical knowledge in network security products, cryptographic suites and network/application firewalls is a plus
• Experience with mobile application and operating system testing is a bonus
• Experience in evasion techniques to bypass firewalls, and intrusion detection, is a plus
• Operating Systems: Windows, Linux, HP-UX, Solaris, AIX, and others.
• Web Servers: IIS, Apache, Lotus Domino, Sun Java System
• Middleware software: Oracle’s WebLogic, IBM’s WebSphere, Apache Tomcat
• In-depth knowledge of any proxying tools such as Paros, Burp, WebScarab, and Achilles "fault injection"
• Experience with any of the following commercial application scanning tools like IBM's AppScan, HP’s WebInspect, HP’s Fortify, NTOSpider, Cenzic's Hailstorm
• Commercial database software like Application Security Inc.'s AppDetective
• Experience with any open source tools like Whisker and Nikto
• WebServices technologies like XML, SOAP, and AJAX
• Networking tools, such as Nessus, nmap, and Retina netcat
• Understanding of various web application architectures
• Understanding of server and client side application development
• Tool/script evaluation
• Physical and logical security audits
• Logical protocol and network traffic audits
• Troubleshooting
• Training of client staff
• Requirements analysis and design

Engagement Management:
• Understanding of best-practice methodologies

Education and Certifications:
• Bachelor’s Degree in Information Technology/Computer Science plus 5 years of related IT experience, or 10 years or more of related IT experience
• Any of the following certifications: CISSP, GIAC, or CEH certification

Note: Applications have been closed.

Recent jobs at Antal international

Viewed: 1239 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend