Urgently looking for security consultant at security brigade

Posted: Nov. 18, 2020, 1:34 p.m. - Full Time - Work from home

Security Brigade is looking for talented Application Security Consultants who will be responsible for security assessments and penetration testing of application and enterprise environments as well as security research and development of security tools, processes and testing methodologies.

Key Tasks and Responsibilities
• Perform application penetration testing, vulnerability assessments and source code reviews
• Profile an application, identifying threats, and developing test cases to target identified threats
• Identify and exploit vulnerabilities in applications and networks
• Manage project timelines, deadlines and expectations - including customer interactions
• Prepare reports documenting identified issues based on internal templates
• Interact with customers in a collaborative consultative manor to deliver results, provide feedback and remediation recommendations on findings
• Research emerging security topics and new attack vectors
• Write tools and scripts to automate technical processes and make audits more efficient

Requirements
• In-depth understanding of security issues, exploitation techniques and remediation measures
• Ability to follow an in-depth manual testing process and not just run automated tools and copy paste results
• Development knowledge of any current programming languages
• Strong understanding of software and application security
• Strong oral and written communication skills
• Involvement in software community via OWASP, WASC, Null, ClubHack and/or open source development is highly desirable
• Track record speaking at major security conferences such as OWASP Appsec, SANS Appsec, and Blackhat, Nullcon is highly desirable
• Intercepting proxies (i.e. Burp Proxy, Charles Proxy, Webscarab Proxy, Paros Proxy, etc)