Position Title: Web Application Penetration Tester
Duration: 1+ Year
Location: Pleasanton, CA
Candidates must be located in the Bay Area and able to be in the Pleasanton office as needed.
W2 Contract
Hybrid
Must-have requirements:
- Advanced knowledge of web application penetration testing.
- Extensive knowledge of and proven experience with penetration testing of web applications, and methods and frameworks for identifying and remediating vulnerabilities.
- In-depth knowledge of OWASP Top 10 and other frameworks.
- Proficient knowledge of Java, Spring, and Oracle.
- Working knowledge of Linux and Windows.
DELIVERABLES OR TASKS:
Provide primary development support:
- Conduct detailed penetration tests using common frameworks such as OWASP to discover vulnerabilities.
- Work closely with the development team to remediate vulnerabilities.
- Develop automation scripts to re-run security tests and ensure that new vulnerabilities are caught before they are deployed to higher environments.
- Assist the development team in ensuring that applications are securely designed and developed.
- Promote high quality, scalability, and timely completion of projects.
- Ensure that all project documentation is produced in the standard format and that it follows internal documentation.
- Serve as subject matter expert for all matters related to web application security.
- Create, test, and implement code changes and integrate them with existing programs as needed.
- Coordinate meetings/communications with the Claims User Community, as needed.
- Ensure that all I.T. requirements (documentation, sign-off, and approvals) are completed as per State Fund’s System Engineering Handbook.
- Provide timely and effective reporting on status of projects.
Provide primary support:
- Perform peer code reviews and provide feedback.
- Work with cross functional teams, including Business, QA, and Operations.
- Work closely with Business Users to scope and draft functional requirements.
- Help Users to create test cases, use cases and help with functional testing.
- Debug the system for certain behavior of the feature(s) and explain it to the Users.
TECHNICAL KNOWLEDGE AND SKILLS:
- Advanced knowledge of web application penetration testing.
- In-depth knowledge of OWASP Top 10 and other frameworks.
- Experience and willingness to work in a fast-paced environment.
- Development experience in an enterprise-class system with multi-tier architecture.
- Proficient knowledge of Java, Spring, and Oracle.
- Working knowledge of Linux and Windows.
- Extensive knowledge of and proven experience with penetration testing of web applications, and methods and frameworks for identifying and remediating vulnerabilities.
- Strong knowledge in project management practices and ability to document processes and procedures as needed.