*Hello* *Partners ,* *Please send matching profiles to anil....@metaoption.com <anil....@metaoption.com> or reach me (201)-984-3154.*
*Position: Application Security Tester* *Location: Washington DC* *Duration: **3-6 months* *Job Description:* Responsible for ensuring the security of Internet-based applications by interacting with software engineers, quality assurance testers, business analysts, and software application managers throughout the entire software lifecycle. Provides direct support to the business and IT projects for security related issues. Educates IT and the business about security policies and consults on security issues. Enforces security policies and procedures by administering and monitoring security profiles, reviewing security violation reports and investigating possible security violations. Involved in the evaluation of security products and/or procedures to enhance productivity and effectiveness. Here are the test types that the security test contractor may need to perform: - · Ad-hoc Pen Test - · Planned Pen Test - · Release Testing - · Appscan (automated application security test tool) - · Appscan Source (automated application security source code evaluation tool) · Manual Cod Review - 5-7 years of IT work experience, with at least 3 years’ experience in software development or network security testing. Previous system administrator or software developer experience desired *Any special knowledge or skills:* - ISO27001 training highly desired. - COBIT and/or ITIL Foundation Certification highly desired. - CISSP, CIPP, CISM, CISA, CRISC or equivalent industry certifications desired. - Demonstrated strong analytical ability and technology related experience performing problem resolution. - Excellent oral and written communication skills required including ability to make effective presentations and create documentation and reporting artifacts. - Excellent desktop skills in Microsoft Office products required. - Knowledge of software engineering methodologies, technology architectures, systems integration, emerging technologies, contract management and operations. - Ability to exercise sound judgment in complex situations. *Duties* Analyzes risk, plan and perform security testing for new application systems, business services, and changes, including new 3rd party delivered business services. Record issues and recommend potential solutions. Respond to and, where appropriate, investigate, resolve or escalate reported security incidents. Monitor and ensure the security of databases and data transferred both internally and externally. Review logs and reports for problematic activity and initiate corrective action Monitor and review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, firewalls, business applications, etc.). Interpret the implications of that activity and devise plans for appropriate resolution. Monitor access and authentication controls, end-user accounts, privileged accounts, permissions and access rights. Maintain up-to-date baselines for the secure configuration and operations of all in-place devices and applications, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, business applications, etc.). Recommend, schedule, test, and/or apply fixes, security patches and any other measures required in the event of a security breach or identification of a new vulnerability. Provide data for information security measurements and metrics (key goal indicators, key performance indicators, etc) and create audience appropriate reports. *Thanks & Regards,* *Anil Jha* *Technical Recruiter* *+1(201)-984-3154* *anil....@metaoption.com <anil....@metaoption.com>* *www.metaoption.com* <http://www.metaoption.com/> *Skype: anil.jha**.metaoption* *http://www.linkedin.com/pub/anil-jha/87/b3a/2b6/ <http://www.linkedin.com/pub/anil-jha/87/b3a/2b6/>* *GTalk: anil.techwire* -- You received this message because you are subscribed to the Google Groups "SAP BASIS" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-basis+unsubscr...@googlegroups.com. To post to this group, send email to sap-basis@googlegroups.com. Visit this group at http://groups.google.com/group/sap-basis. For more options, visit https://groups.google.com/d/optout.
