Senior Engineer, Web Application Penetration Tester
Company: News Corp
Posted on: September 22, 2022
Currently seeking Senior Engineer-Web Application Penetration
Tester, to join our CyberSecurity Security team, based in the US.
The ideal candidate will possess a deep understanding of attack
surfaces in modern compiled applications and operating systems.
Candidates must demonstrate the ability to analyze closed source
applications using several off-the-shelf or custom developed tools.
Additionally, the ideal candidate will be able to demonstrate
exceptional organizational skills, work efficiently under minimal
supervision, be able to deliver results that meet or exceed
organization's expectations, be a strong team player, and actively
participate in a fast-paced and challenging global environment. Key
Responsibilities Have a passion for breaking into websites and keen
interest in information security. Have a strong understanding of
how web applications, both server side, and Single Page
Applications function hosted in the cloud. Have a keen eye towards
business logic attacks. Ability to perform web, mobile and API
penetration testing Intricate know how of BURP Suite Pro security
tool Prior corporate Experience of web penetration testing
applications is required including PCI environments. Deep
understanding of OWASP top ten vulnerabilities. You follow the bug
bounty community closely to understand the latest hacking
techniques. Familiarity with manual code review techniques. Strong
plus familiarity with NodeJS, C#, PHP, Python, JAVA languages.
Familiarity with AWS ,Azure cloud Requirements: Atleast have a
Bachelor's degree in computer science, software engineering or
equivalent experience Atleast have 5 to 7 years of Penetration
testing experience (web, mobile, api) Intricate know-how of BURP
Suite Pro security tool and other Pen testing tools. Ability to
clearly state defensive techniques for discovered vulnerabilities.
Ability to communicate clearly how to remediate an issue. Knowledge
of how to write formal penetration reports and convey impact to
business leaders. Strong plus familiarity with NodeJS, C#, PHP,
JAVA languages. Strong plus familiarity with SWIFT, Objective-C,
Kotlin languages (for mobile testing) Expected to have some level
of Python coding skills Understanding of AWS IAM and AWS services
is required. Other cloud platforms and plus. Familiar with DNS
Enumeration and supporting tools such as OWASP AMASS, Recon-Ng etc.
Experience with Gobuster, web fuzzing tools, nmap, password
guessing/cracking and other common security tools. Command line
skills including writing bash scripts, powershell and ability to
parse data from output of tools and logs Some network penetration
testing required. Attend security conferences and CTF events
regularly. Desired Certifications : GWAPT, GPEN,Offensive Security
Web Expert (OSWE) , OSCP. GIAC Cloud Penetration Testing (GCPN) is
a huge plus. Cloud Certifications good to have PI191777272
Keywords: News Corp, Trenton , Senior Engineer, Web Application Penetration Tester, Engineering , Princeton, New Jersey
Didn't find what you're looking for? Search again!