
Sr. Security Analyst - Remote

Remote: Full Remote
Experience: Senior (5-10 years)

Offer summary

Qualifications:

4-6 years web/Webservice/API penetration testing experience, Knowledge of OWASP, OSSTMM, WASC guidelines.

Key responsibilities:

  • Participate in penetration testing, threat modeling, risk analysis
  • Recommend measures for vulnerability management
  • Demonstrate security assessment abilities across various applications
  • Keep up-to-date with security vulnerabilities and techniques
  • Facilitate communication among dispersed teams
TekRecruiter Startup https://www.tekrecruiter.com/
11 - 50 Employees

Job description

This is a remote position.

TekRecruiter has been asked to recruit a Full Time Penetration Tester to join the team of an awesome technology company. The role currently starts remotely due to Covid but may return to the Tempe, AZ corporate office in the future.
The Penetration Tester is an integral part of the Global Cyber Security team and will be responsible for executing penetration tests to support the Secure Development Lifecycle. This role ensures that products are built securely and that security vulnerabilities detected in the product are addressed prior to release. Additional responsibilities may be assigned as deemed necessary.

 

Job Responsibilities:

  • Participate in penetration testing, scoping, security test planning, identifying tools required for penetration testing

  • Participate in threat modeling, risk analysis and creating mitigation plans

  • Identify and recommend appropriate measures to manage and remediate discovered or potential vulnerabilities, providing guidance to partner teams

  • Mature penetration testing strategy for early and effective detection of potential vulnerabilities.

  • Demonstrate the ability to assess the security of applications: web applications, APIs, backend / infrastructure supporting the applications, cloud, microservices

  • Promote Secure SDLC and the culture of “shift-left” by integrating security tools into CI/CD

  • Demonstrate knowledge of secure code scanning tools

  • Keep up-to-date knowledge of vulnerabilities in the field of security for secure application development

  • Handle communication between geographically dispersed groups 


Web / API / Cloud Penetration Testing Qualifications:

Must Haves

  • 4-6 years of independent, end-to-end, hands-on manual experience in Web application penetration testing and Webservice / API (REST & SOAP) penetration testing

  • Familiar with security guidelines such as OWASP Top Ten, OSSTMM (Open Source Security Testing Methodology Manual) & WASC (Web Application Security Consortium)

  • Knowledge of Azure and AWS cloud attacks

  • Experience in enumeration techniques, authentication and authorization, data access, encryption algorithms

  • Knowledge of security fundamentals, network/application protocols, topologies, reverse engineering, fuzzing & exploit development

  • Experience in executing security assessment activities, including internal/external stakeholder communications, risk assessment, documentation, reporting and presentation of findings

  • Effective project management skills, oral and written communication skills, interpersonal skills

  • Hands-on experience with security tools such as Burp Suite Pro, web application scanners (IBM AppScan, Acunetix, Rapid7, etc.) and static code analysis tools such as Checkmarx, BlackDuck, Veracode, Fortify, etc.


Nice to Haves

  • Expertise in evaluating the security of cloud-based applications, services, and infrastructures including serverless architectures

  • Experience with testing storage and database systems, virtual machines

  • Hands-on experience with penetration testing of microservices, SaaS, PaaS

  • Participated in Bug Bounty programs and CTF

  • Experience in presenting at security conferences / events

  • Familiarity with at least one scripting language (Python, PowerShell) and a programming language such as Java or .NET

  • Knowledge of Secure SDLC and DevSecOps implementation

 

Educational Qualifications:

  • Bachelor’s or Master’s degree in computer science or related field

  • Security certifications such as OSCP, GWAPT, CEH, CCSK, CCSP, GCPN are strongly considered


TekRecruiter is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. TekRecruiter will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English

Other Skills

  • Non-Verbal Communication
  • Social Skills
