Principal Security Analyst

Miami, FL

Company Name :IBA Infotech LLC

Type : Contract

Primary Skills : Metasploit, Penetration Testing, Technical Writing, Network, SDLC, Perl, Oracle, C/C++, SQL, .Net, Java, C#, Shell Scripting, Python

Location : Miami

CTC : DOE

Job Description:

Functional Responsibilities:

  • This role may perform any or all of the following: conducts vulnerability assessments; carries out penetration tests, performs social engineering tests; analyzes technical security weaknesses; performs risk analyses; and develops exploits.
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
  • Develop tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.
  • Application security architecture - Provide development teams guidance and formal security requirements as part of the SDLC process.
  • Perform audit related activities as required.

 

Job Requirements :

Qualifications

  • Minimum of 6 years of general work experience and 3 years of relevant experience in functional responsibility.
  • Bachelor’s Degree, or an equivalent combination of formal education, experience.
  • Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database and operating systems.

 

Requirements:

  • Security, Software Development, Networking, and/or Systems Administrator Experience
  • Deep understanding of 3-tiered Web Application Architecture
  • Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, exploit creation)
  • Must have Commercial Web Application Tool Experience (i.e. Burp, AppSpider, AppScan, WebInspect)
  • Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra)
  • Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities with C-levels to developers in a large professional environment
  • Experienced with Oracle, Windows and SQL.

 

Desired:

  • Web Services Security Penetration Testing Experience
  • Database Experience (DBA or security penetration testing)
  • Software Development and/or Scripting Experience in .NET, C++, Java, C#, perl, python or bash
  • Source Code Review (aka Static Analysis) Experience
  • Excellent technical writing skills and attention to detail