Hi,

Hope you are doing great!

This is Harry from Dynamic Enterprise Solutions. We have an urgent requirement 
with one of our direct clients (no hidden layers). Please review the job 
description below and let me know your interest.



Position ID: DYESJP00019811

Title: IT Application Security Analyst / CyberSecurity Engineer
Location: North Chicago, IL

Duration: 12 Months+



Description:



Certification such as OSCP, OSWE, or ECSA



Role Description

Pharmaceutical client Information Security is looking for a highly motivated, 
diligent, and skillful analyst to join the Attack Surface Management (ASM) 
team. Pharmaceutical client's Application Security team protects Pharmaceutical 
client's patients, data, and brand by identifying vulnerabilities and threats 
to our organization and working to drive remediation of identified security 
risks. Application Security is a capability of ASM within the larger Cyber 
Security Operations (CSO) function. Join us as Associate Security Analyst, 
Application Security to support and improve our efforts to identify and reduce 
Pharmaceutical client's attack surface and help our business continue to have 
remarkable impacts on people's lives.

The Associate Application Security Analyst is a key member of the Attack 
Surface Management team and works with internal and external groups to identify 
and drive remediation of information security risks across all Pharmaceutical 
client web application environments. The Application Security Analyst will:

* Maintain awareness of the latest critical information security 
vulnerabilities, threats, and exploits
* Provide guidance on existing and emerging threats in the web and mobile 
application space as they apply within the Pharmaceutical client environment
* Facilitate application demonstration sessions with developers and application 
owners to educate the Application Security team on application functionality 
prior to performing technical security assessments
* Assist in conducting and facilitating security reviews, as directed by senior 
team members, throughout the application development lifecycle, including tasks 
such as:
  o Performing and improving security assessments for Pharmaceutical client 
    applications across the enterprise
  o Documenting application security vulnerabilities within Pharmaceutical 
    client's tracking system
  o Communicating vulnerabilities to application stakeholders
* Assist in communicating technical application security concepts to customers, 
including developers, architects, and managers
* Assist in training customer staff on application security and remediation of 
application security code defects
* Identify enhancements to tools, standards, and processes; provide input into 
policies and procedures, and contribute to the implementation and refinement of 
the strategy for the Application Risk program on a global basis

* Guide and mentor other members of the application security team, which 
involves troubleshooting testing-related issues, knowledge sharing, and help 
with testing-related activities
* Experience with testing and exploitation of applications using cloud 
technologies such as AWS, Azure, GCP

Qualifications

* Demonstrated advanced knowledge of web application vulnerabilities and web 
application business logic flaws and threats
* Demonstrated advanced understanding of application architectures and 
technologies, including web applications, mobile technology, data encryption, 
and identity and access management.
* Advanced hands-on experience with manual vulnerability testing and static 
code analysis
* Advanced experience with tools including, but not limited to, Kali Linux 
platform and built-in tools, Burp Suite, and OWASP ZAP
* Strong hands-on experience with testing and exploitation of iOS and Android 
applications, which includes static and dynamic analysis and reversing of the apps.
* Experience with at least one of the scripting languages (Python, PowerShell, 
bash, etc.) and automation
* In-depth understanding, testing and exploitation of Web APIs and related 
components
* Candidate must have an advanced understanding of security controls such as 
Authentication, Authorization, Access Control, Cryptography, and Network 
Protocols along with security standards: OWASP Top 10, SANS 25, NIST, and CVE
* Written and verbal communication skills are critical
* Adept at communicating concepts to diverse audiences with varying skill sets.
* Certification such as OSCP, OSWE, GWAPT, or GPEN is a plus
* Education & Experience - Minimum of one of the following:
  o No college degree and 8 years of IT experience with 6 years in a specialized 
    information security role
  o Bachelor's Degree in computer science or related technical field and 6 years 
    of IT experience
  o Bachelor's Degree in computer science or related technical field and 5 years 
    of specialized information security experience
  o Master's Degree in computer science or related technical field and 4 years of 
    specialized information security experience

This position is part of Pharmaceutical client's Information Security & Risk 
Management (ISRM) team. We are here to put our partners in a position to 
succeed. We do it by providing the knowledge, tools, and support they need to 
effectively use data and technology while also effectively managing risk.



Years of experience/education and/or certifications required:

* No college degree and 8 years of IT experience with 6 years in a 
specialized information security role
* Bachelor's Degree in computer science or related technical field and 
6 years of IT experience
* Bachelor's Degree in computer science or related technical field and 
5 years of specialized information security experience
* Master's Degree in computer science or related technical field and 4 
years of specialized information security experience



What are the top 3-5 skill requirements this person should have?

* Experience in application PEN testing
* Familiarity with OWASP Top 10
* Well organized and good at communicating



What is a nice to have (but not required) regarding skills, requirements, 
experience, education, or certification?

* Certification such as OSCP, OSWE, GWAPT, or GPEN is a plus







Thanks & Regards

Harry John
Dynamic Enterprise Solutions Inc
1801 Hicks Rd, unit A
Rolling Meadows, IL -60008
(847) 701-5896 /(c) 224-635-0898


-- 
You received this message because you are subscribed to "rtc-linux".
Membership options at http://groups.google.com/group/rtc-linux .
Please read http://groups.google.com/group/rtc-linux/web/checklist
before submitting a driver.