Title: Penetration Tester
Location: Charlotte, NC; New York, NY; San Francisco, CA; Irving, TX; Chandler, AZ, Minneapolis, MN (Hybrid)
Duration: 12+Months Contract
Job Description
Must have
5+ years of information security applications and systems experience
3+ years of DAST (Dynamic Application Security Testing) experience
3+ years of automated information security penetration tools experience
Penetration testing certification such us GPEN, GXPEN, GWAPT, or OSCP
Skills: The Senior Information Security Engineer will:
• Conduct Dynamic Application Security Testing (DAST) through manual testing and by using automated testing tools
• Review test results from tools
• Ensure that DAST tests are completed successfully
• Identify and remove any false positives from automated testing tool reports
• Triage & Disposition results and enforce a Bug Bar
• Verify/validate defect fixes
• Provide application security consulting SME Support to developers
• Assist developers with understanding of security defects and risk
• Assist in defining acceptable solution to fix defects
• Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
• Develop and review malicious use cases/threat models
• Maintain a broad understanding of security technologies and products
Comments: Requirements: 5 years of information security applications and systems experience
3 years of DAST Dynamic Application Security Testing experience
3 years of automated information security penetration tools experience Penetration testing certification such us GPEN GXPEN GWAPT or OSCP