My company is hiring computer security specialists for work in US Financial. We need both offensive (pentesters) and defensive (secure coding) specialists.
Experience in programming languages a big plus. Most applications are web apps and services, so some Java and HTML are required. The firm uses Java Enterprise, HTML, JavaScript and CSS. There's also some Visual Basic (VB) apps.
Experience in Secure Coding is required. You should understand what a Code Injection is, what a SQL injection is, what a XSS is, and how to fix them. You should also have knowledge of OWASP Top 10, and OWASP's ESAPI Encoder.
Experience in Static Analysis (SAST) and Dynamic Analysis (DAST) tools are big plus. SAST and DAST tools include Coverity, HP Fortify, SonarCube, Veracode, etc. The firm uses Veracode for Static Analysis (SAST) and Dynamic Analysis (DAST) for analysis internal and external programs.
Experience in penetration testing web apps and services is required. You should know how to run tools like Burp Suite and ZAP Tool, and be familair with distributions like Kali Linux. You should know how to recon a target, how formulate an attack tree, and how to execute the plan.
The position is full-time, 100% remote work. You never have to come into the office. You will receive a company issued laptop and connect to the firm using VPN. A high speed internet connection is required for the VPN. You will attend meetings using Microsoft Teams and Zoom.
Recent graduates are welcomed to apply. Graduates of Anne Arundel Community College's Cyber Security program and similar schools are encouraged to apply. You will work with and be mentored by some of the top talent in the field.
Please PM me if you are a candidate or know someone who might be a good fit. Referral bonuses are available.
Experience in programming languages a big plus. Most applications are web apps and services, so some Java and HTML are required. The firm uses Java Enterprise, HTML, JavaScript and CSS. There's also some Visual Basic (VB) apps.
Experience in Secure Coding is required. You should understand what a Code Injection is, what a SQL injection is, what a XSS is, and how to fix them. You should also have knowledge of OWASP Top 10, and OWASP's ESAPI Encoder.
Experience in Static Analysis (SAST) and Dynamic Analysis (DAST) tools are big plus. SAST and DAST tools include Coverity, HP Fortify, SonarCube, Veracode, etc. The firm uses Veracode for Static Analysis (SAST) and Dynamic Analysis (DAST) for analysis internal and external programs.
Experience in penetration testing web apps and services is required. You should know how to run tools like Burp Suite and ZAP Tool, and be familair with distributions like Kali Linux. You should know how to recon a target, how formulate an attack tree, and how to execute the plan.
The position is full-time, 100% remote work. You never have to come into the office. You will receive a company issued laptop and connect to the firm using VPN. A high speed internet connection is required for the VPN. You will attend meetings using Microsoft Teams and Zoom.
Recent graduates are welcomed to apply. Graduates of Anne Arundel Community College's Cyber Security program and similar schools are encouraged to apply. You will work with and be mentored by some of the top talent in the field.
Please PM me if you are a candidate or know someone who might be a good fit. Referral bonuses are available.