Here’s another great opportunity for anyone currently looking to further their pen testing skills in a geek-friendly environment with an experienced group working in the financial services area. This is a fairly quick turn around as they are looking for people to start in July!
Stratum Security is looking for senior-level penetration testers. The initial project is dedicated to a financial services organization (no travel) to help the customer build an internal assessment program. The work will involve on-going assessments of the network and large application inventory.
Stratum Security is a very technically driven organization – their core consulting team are all senior level consultants with 10+ years experience. Several have spoken at Black Hat, Defcon, Shmoocon, and OWASP. One wrote a book about Securing the Smart Grid – it’s a great environment for security geeks.
- Application Security Testing: Experience running web application security scanners (e.g., WebInspect, AppScan, Cenzic, Netsparker, etc.) as well as intimate knowledge of client-side proxies (e.g., Paros, Burp, etc.), knowledge of input validation, session management, authorization flaws, web application frameworks, and complex enterprise applications.
- Network Vulnerability Assessment & Penetration Testing: Experience running network vulnerability scanners (e.g., Nessus, Nexpose, etc.) as well as Nmap, Metasploit, Python, shell scripting, Perl, etc.
- Source Code Review/SDLC (not mandatory): Development skills, developing .Net, Java, C#, C/C++ and other enterprise code. Experience running Ounce and/or Fortify a plus. Understanding of enterprise software development, 3rd party products, and software security issues.
- 3-5 years of information security consulting experience
- Strong understanding of information technology security and concepts
- Strong oral and written communication skills
- Ability to pass standard background check and drug test
If these positions look like the right fit, email Jeff LoSapio at jeff dot losapio at stratumsecurity dot com or call him directly at 240-472-1213.
If your organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details.