Application Security Analyst
Work Location: 1385-Hughes Landing West Job Title: IT - Application Security Analyst - Expert Level Job Description: Exxon Mobil Corporation is looking to bring on an experienced application security contractor in order to supplement internal efforts. Candidate should have all of the following technical and professional characteristics as well: - Min 6 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment - Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc. - Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc. - Full grasp and ability to articulate and/or train others on the "OWASP Top 10" and related concepts - Minimum 6 years of experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language - Minimum 6 years of experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases - Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners - Ability to capture and analyze network traffic at all seven layers of the OSI model, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data - Have a solid grasp of core security fundamentals and concepts, including knowing one's system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc.
...
Job Type:Contract
Location:The Woodlands, TXDistance:
1 mile
Date Posted:Feb 11, 202115 days ago
Industry:IT
Work Location: 1385-Hughes Landing West Job Title: IT - Application Security Analyst - Expert Level Job Description: Exxon Mobil Corporation is looking to bring on an experienced application security contractor in order to supplement internal efforts. Candidate should have all of the following technical and professional characteristics as well: - Min 6 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment - Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc. - Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc. - Full grasp and ability to articulate and/or train others on the "OWASP Top 10" and related concepts - Minimum 6 years of experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language - Minimum 6 years of experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases - Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners - Ability to capture and analyze network traffic at all seven layers of the OSI model, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data - Have a solid grasp of core security fundamentals and concepts, including knowing one's system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc.
...