Principal Security Analyst

IBA InfoTech Inc.
Miami, United States of America
8 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Miami, United States of America

Tech stack

Java
.NET
Microsoft Windows
Software System Penetration Testing
Bash
C Sharp (Programming Language)
C++
Static Program Analysis
Code Review
Databases
Perl
Python
Network Architecture
NMap
Oracle Applications
Open Web Application Security
Systems Development Life Cycle
Shell Script
Software Engineering
SQL Injection
SQL Databases
Systems Architecture
Wireshark
Web Applications
WS-Security
Webinspect
Scripting (Bash/Python/Go/Ruby)
Software Security
Cross-Site Scripting (XSS)
Information Technology
Metasploit
Nessus
Appscan
Vulnerability Analysis

Job description

  • This role may perform any or all of the following: conducts vulnerability assessments; carries out penetration tests, performs social engineering tests; analyzes technical security weaknesses; performs risk analyses; and develops exploits.
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
  • Develop tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.
  • Application security architecture - Provide development teams guidance and formal security requirements as part of the SDLC process.
  • Perform audit related activities as required.

Requirements

  • Minimum of 6 years of general work experience and 3 years of relevant experience in functional responsibility.
  • Bachelor's Degree, or an equivalent combination of formal education, experience.
  • Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database and operating systems.

Requirements:

  • Security, Software Development, Networking, and/or Systems Administrator Experience
  • Deep understanding of 3-tiered Web Application Architecture
  • Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, exploit creation)
  • Must have Commercial Web Application Tool Experience (i.e. Burp, AppSpider, AppScan, WebInspect)
  • Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra)
  • Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities with C-levels to developers in a large professional environment
  • Experienced with Oracle, Windows and SQL.

Desired:

  • Web Services Security Penetration Testing Experience
  • Database Experience (DBA or security penetration testing)
  • Software Development and/or Scripting Experience in .NET, C++, Java, C#, perl, python or bash
  • Source Code Review (aka Static Analysis) Experience
  • Excellent technical writing skills and attention to detail

Apply for this position