Logo for TekRecruiter

Sr. Security Analyst - Remote

Role overview

Qualifications

  • 4-6 years of independent end to end hands-on manual experience in Web application penetration testing
  • Familiar with security guidelines such as OWASP Top Ten
  • Knowledge of Azure and AWS cloud attacks
  • Bachelor’s or Master’s degree in computer science or related field

Responsibilities

  • Participate in penetration testing, scoping, and security test planning
  • Identify and recommend appropriate measures to manage and remediate discovered vulnerabilities
  • Mature penetration testing strategy for early detection of potential vulnerabilities
  • Promote Secure SDLC and integrate security tools into CI/CD

About the company

TekRecruiter logo

TekRecruiter

IT Services & IT Consulting

TekRecruiter is a boutique and deeply specialized Technology Solutions firm with thorough technical aptitude and screening logic to connect innovative employers with the top 1% of in-demand technologist anywhere in the World. The Best Engineers: In-demand | On Bench | Technically Screened Where? World-wide (Onsite | Remote | Nearshore) We are more than recruiting, we make quality software engineering possible by enabling our clients to have easy, efficient and affordable access to top 1% of Technology talent in ways they've never imagined. Building the best Tech Teams: - Direct Hire (Onsite or Remote) - Staff Augmentation (Onsite, Remote, Nearshore) - Software and DevOps Nearshore Outsourcing (Nearshore or Offshore) - Engineers on Bench (Startup Fast) Key Skill Sets: - Software Engineers (JavaScript Stack, Python, Ruby, Go, Java, C#, Rust, Blockchain) - DevOps & Cloud - Artificial Intelligence - Salesforce - SDET - Data Engineering Why TekRecruiter? **Disruptive industry changing automation to deliver the best "Right-Fit" Technology talent faster than our competitors. On-demand | Local | Remote | Nearshore | Offshore **Deeply specialized technology focus Areas outpacing our competitors across Node.js, DevOps, Salesforce, Data, Java, Python and AI Workforce Solutions. **A certified Diversity and Inclusion supplier with industry leading DE&I processes. Vision: To revolutionize, maximize, and uplift the consulting, entrepreneurship, and permanent career growth endeavors of the top 1% of Technologists. Mission Statement: Connecting the best 1% of highly skilled Technology professionals anywhere in the world with innovative employers through strong partnership, relationship, world-class service, and industry leading technology.  Core Values: We have HEART - Hard Work - Entrepreneurial Spirit - Accountability - Resilience - Transparency WE HEART TECH STARTUPS

Company details

Company typeStartup
IndustryIT Services & IT Consulting
Company size11 - 50

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

This is a remote position.

TekRecruiter has been asked to recruit a Full Time Penetration Tester to join the team of an awesome technology company. The role currently starts remotely due to Covid but may return to the Tempe, AZ corporate office in the future. 
The Penetration Tester is an integral part of the Global Cyber Security team and will be responsible for executing penetration tests to support the Secure Development Lifecycle.  This role ensures that products that are developed are built securely and security vulnerabilities detected in the product are addressed prior to release.  Additional responsibilities may be asked as deemed necessary.

 

Job Responsibilities:

  • Participate in penetration testing, scoping, security test planning, identifying tools required for penetration testing

  • Participate in threat modeling, risk analysis and creating mitigation plan

  • Identify and recommend appropriate measures to manage and remediate discovered or potential vulnerabilities, providing guidance to partner teams

  • Mature penetration testing strategy for early and effective detection of potential vulnerabilities.

  • Demonstrate the ability to assess the security of applications- Web applications, APIs, backend / infrastructure supporting the applications, Cloud, Microservices

  • Promote Secure SDLC and the culture of “shift-left” by integration security tools into CI/CD

  • Demonstrate knowledge of secure code scanning tools

  • Keep up-to-date knowledge of vulnerabilities in the field of security for secure application development

  • Handle communication between geographically dispersed groups 


Web / API / Cloud Penetration Testing Qualifications:

Must Haves

  • 4-6 years of independent end to end hands-on manual experience in Web application penetration testing, Webservice / API (REST & SOAP) Penetration Testing

  • Familiar with security guidelines such as OWASP Top Ten, OSTMM (Open Source Security Testing Methodology Manual) & WASC (Web Application Security Consortium)

  • Knowledge of Azure and AWS cloud attacks

  • Experience in enumeration techniques, authentication and authorization, data access, encryption algorithms

  • Knowledge of security fundamentals, network/application protocols, topologies, reverse engineering, fuzzing & exploit development

  • Experience in executing security assessment activities which includes internal/external stakeholder communications, risk assessment, documentation and reporting and presentation of findings

  • Effective project management skills, oral and written communication skills, interpersonal skills

  • Hands on experience with security tools such as Burp Suite Pro, web application scanners (IBM AppScan, Acunetix, Rapid7 etc..) and static code analysis tools such as Checkmarx, BlackDuck, Veracode, Fortify etc...


Nice to Haves

  • Expertise in evaluating the security of cloud-based applications, services, and infrastructures including serverless architectures

  • Experience with testing storage and database systems, virtual machines

  • Hands-on experience with penetration testing of microservices, SaaS,PaaS

  • Participated in Bug Bounty programs and CTF

  • Experience in presenting at security conferences / events

  • Familiarity with at least one scripting language (Python, Powershell) and programming language such as JAVA and .NET

  • Knowledge of Secure SDLC and DevSecOps implementation

 

Educational Qualifications:

  • Bachelor’s or Master’s degree in computer science or related field

  • Security certification/s such as OSCP, GWAPT,  CEH, CCSK, CCSP, GCPN are strongly considered


TekRecruiter is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. TekRecruiter will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.


Salary: 100K to 106K

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Analyst Related jobs

Other jobs at TekRecruiter

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.