This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Software Security Penetration Tester - VerSprite
From OWASP
Revision as of 19:38, 2 June 2010 by KateHartmann (talk | contribs) (Created page with ''''Role Summary/Purpose''' The Software Security Penetration Tester will serve to ID software vulnerabilities and work with client development teams to design / implement soluti…')
Role Summary/Purpose
The Software Security Penetration Tester will serve to ID software vulnerabilities and work with client development teams to design / implement solutions to ensure and protect the safety and security of all information systems assets; Assess client applications and software products across all businesses and provide guidance / direction for the protection of information systems and intellectual property assets.
Essential Responsibilities
- Ensures that plans for security technologies integrate effectively with other aspects of the technical infrastructure
- Evaluate / recommend technologies that could improve current systems and ensure that plans for security technologies integrate with client technical infrastructure
- Conduct software security assessments including threat modeling, security / penetration testing and vulnerability assessments
- Utilize both manual methods and automated tools to identify and exploit vulnerabilities
- Further enhance software security assessment methodologies and processes
- Evaluate emerging technologies / tools to detect, mitigate, triage, and remediate software security defects across client enterprises
- Work with client application and product teams to encourage a security mindset throughout software development from concept to testing and implementation
Qualifications/Requirements
- Bachelors degree in Computer Science, Computer System Engineering or equivalent field of study or experience
- Minimum 3 years hands-on experience in software security testing, application security architecture and/or information security
- Minimum 3 years experience performing penetration tests using both automated security tools and manual techniques.
- Minimum 1 year experience working with, or developing, secure coding standards for C / C++, Java, and .NET