Application Penetration testers /Dynamic Application Security Testing (DAST)

Application Penetration testers /Dynamic Application Security Testing (DAST) San Francisco CA or New York City, NY or Charlotte NC or Irving TX or Chandler AZ or Minneapolis MN (Hybrid 3-5 days onsite) 12+ Months Web cam Interview $55-$60/Hr on W2 NOT: • Manager mentioned he has read many resumes the past 2 weeks However many of the candidates submitted were not true application penetration testers. • He saw many who would classify as a QA analyst by their job classification. • He saw many others where they worked with third parties who did pen tests, but they never did tests themselves. • He is also seeing a lot of people who run vulnerability scans, however this is not Dynamic Application Security Testing (DAST). Description: • In this contingent resource assignment, you may: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale planning related to Information Security Engineering deliverables. • Review and analyze moderately complex Information Security Engineering challenges that require an in-depth evaluation of variable factors. • Contribute to the resolution of moderately complex issues and consult with others to meet Information Security Engineering deliverables while leveraging solid understanding of the function policies procedures and compliance requirements. • Collaborate with client personnel in Information Security Engineering. Required Qualifications: • 4 years of Information Security Engineering experience or equivalent demonstrated through one or a combination of the following: work or consulting experience training military experience education. Skills: The Senior Information Security Engineer will: • Conduct Dynamic Application Security Testing (DAST) through manual testing and by using automated testing tools • Review test results from tools • Ensure that DAST tests are completed successfully • Identify and remove any false positives from automated testing tool reports • Triage & Disposition results and enforce a Bug Bar • Verify/validate defect fixes • Provide application security consulting SME Support to developers • Assist developers with understanding of security defects and risk • Assist in defining acceptable solution to fix defects • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities • Develop and review malicious use cases/threat models • Maintain a broad understanding of security technologies and products Requirements: • 5 years of information security applications and systems experience • 3 years of DAST Dynamic Application Security Testing experience • 3 years of automated information security penetration tools experience • Penetration testing certification such us GPEN GXPEN GWAPT or OSCP About the Company: Syntricate Technologies Inc