Vulnerability Assessments Analyst/SME

Employer
ENG Infotech
Location
Fort Lauderdale, FL
Posted
Feb 28, 2017
Jobs Outside Higher Education
Software & Technology
Institution Type
Outside Academe


Job Description

JOB TITLE: Vulnerabilities Assessments Analyst/SME

LOCATION: Fort Lauderdale, FL

SALARY/PAY RATE: $51.00/hour on W2

INDUSTRY: Financial Services

EMPLOYMENT TYPE/DURATION: Long-term Contract; 12 months minimum, with changes of extension beyond 18-24 months

WORK SCHEDULE: 40+ hours/week (Mon-Fri, 8am/9am - 5pm/6pm)

JOB DESCRIPTION / SUMMARY:

The scope of the Application Vulnerability Assessment (AVA) process is comprised of all Company business functions, subsidiaries, managed facilities, critical infrastructure components as well as service provider arrangements that include Company branded and co-branded applications.

Candidates for this position must have strong understanding of ethical hacking methodologies, frameworks, and industry resources, e.g. OWASP, OSSTMM, NIST publications, SANS/CWE, among others, in order to be able to maintain, improve, and benchmark the Company Vulnerability Assessment process, allowing it to remain a world class service.

Process engineering and documentation is key. Areas of focus are mobile security testing in the various platforms, threat modeling, source code review, and application/infrastructure penetration testing in general.

Other key duties include providing application vulnerability assessment services to Company businesses globally through a comprehensive testing process, as well as identifying weaknesses and vulnerabilities within the system and proposing/implementing countermeasures.

Pre-requisites for this position are:

1) Bachelor's Degree

2) 3 to 7 years of experience in web development and programming languages i.e. Java, XML, Perl and HTML

3) A basic understanding of security, web-based and infrastructure vulnerabilities is required

Experience conducting one or more of the following functions:

1) Application vulnerability assessments

2) Source code review

3) Application architecture reviews or threat modeling

4) Industry-accredited security certifications will be required. The candidate must have or be willing to obtain all of the following certifications:

a. CISSP

b. CEH

c. GIAC

5) Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures is expected

6) Excellent communication skills (written and verbal) and the ability to communicate with all levels of staff and management are also essential

Preferred Skills & Experience:

1) Experience conducting vulnerability assessments and articulating security issues to technical and non-technical audience is a plus

Company Description
ENG Infotech is a dynamic company incorporated in the State of New Jersey with the sole purpose of leveraging the IT expertise of its founders. We are a Minority Owned business that thinks green.

ENG Infotech offers an array of IT professional services including technology acquisition and configuration services, infrastructure related managed services,staff augmentation and consulting services.

ENG Infotech has a growing team of experienced and customer-centric professionals. Our size allows us to give focused attention to our clients and the expertise inherent in our staff allows us to handle Global Mid Market and Fortune 500 clients.


Fort Lauderdale, FL

f4aac8266

Mon, 27 Feb 2017 09:36:40 PST

PI96999566