*Hello* *Partners ,*

*Please send matching profiles to anil....@metaoption.com
<anil....@metaoption.com> or reach me (201)-984-3154.*



*Position: Application Security Tester*

*Location: Washington DC*

*Duration: 3-6 months*



*Job Description:*

Responsible for ensuring the security of Internet-based applications by
interacting with software engineers, quality assurance testers, business
analysts, and software application managers throughout the entire software
lifecycle. Provides direct support to the business and IT projects for
security related issues. Educates IT and the business about security
policies and consults on security issues. Enforces security policies and
procedures by administering and monitoring security profiles, reviewing
security violation reports and investigating possible security violations.
Involved in the evaluation of security products and/or procedures to
enhance productivity and effectiveness.

Here are the test types that the security test contractor may need to
perform:

   - ·         Ad-hoc Pen Test
   - ·         Planned Pen Test
   - ·         Release Testing
   - ·         Appscan (automated application security test tool)
   - ·         Appscan Source (automated application security source code
   evaluation tool)

·         Manual Cod Review

   - 5-7 years of IT work experience, with at least 3 years’ experience in
   software development or network security testing.

Previous system administrator or software developer experience desired

*Any special knowledge or skills:*

   - ISO27001 training highly desired.
   - COBIT and/or ITIL Foundation Certification highly desired.
   - CISSP, CIPP, CISM, CISA, CRISC or equivalent industry certifications
   desired.
   - Demonstrated strong analytical ability and technology related
   experience performing problem resolution.
   - Excellent oral and written communication skills required including
   ability to make effective presentations and create documentation and
   reporting artifacts.
   - Excellent desktop skills in Microsoft Office products required.
   - Knowledge of software engineering methodologies, technology
   architectures, systems integration, emerging technologies, contract
   management and operations.
   - Ability to exercise sound judgment in complex situations.



*Duties*

Analyzes risk, plan and perform security testing for new application
systems, business services, and changes, including new 3rd party delivered
business services. Record issues and recommend potential solutions.

Respond to and, where appropriate, investigate, resolve or escalate
reported security incidents.

Monitor and ensure the security of databases and data transferred both
internally and externally. Review logs and reports for problematic activity
and initiate corrective action

Monitor and review logs and reports of all in-place devices, whether they
be under direct control (i.e., security tools) or not (i.e., workstations,
servers, network devices, firewalls, business applications, etc.).
Interpret the implications of that activity and devise plans for
appropriate resolution.

Monitor access and authentication controls, end-user accounts, privileged
accounts, permissions and access rights.

Maintain up-to-date baselines for the secure configuration and operations
of all in-place devices and applications, whether they be under direct
control (i.e., security tools) or not (i.e., workstations, servers, network
devices, business applications, etc.).

Recommend, schedule, test, and/or apply fixes, security patches and any
other measures required in the event of a security breach or identification
of a new vulnerability.

Provide data for information security measurements and metrics (key goal
indicators, key performance indicators, etc) and create audience
appropriate reports.



*Thanks & Regards,*

*Anil Jha*

*Technical Recruiter*

*+1(201)-984-3154*

*anil....@metaoption.com <anil....@metaoption.com> **www.metaoption.com*
<http://www.metaoption.com/>

*Skype: anil.jha.metaoption*

 *http://www.linkedin.com/pub/anil-jha/87/b3a/2b6/
<http://www.linkedin.com/pub/anil-jha/87/b3a/2b6/>*

*GTalk: anil.techwire*

-- 
You received this message because you are subscribed to the Google Groups "SAP 
BASIS" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to sap-basis+unsubscr...@googlegroups.com.
To post to this group, send email to sap-basis@googlegroups.com.
Visit this group at http://groups.google.com/group/sap-basis.
For more options, visit https://groups.google.com/d/optout.

Reply via email to