Job Description

INFO SECURITY ENGINEER 5 (Penetration Testing)

• Contract


Locations: MN-Minneapolis; AZ-Chandler; NC-Charlotte;NC-Winston Salem; CA - San Francisco
Type: Contract
Duration: 3 months

Job description:
Conduct dynamic application security testing using both manual and automated testing tools.
Review test results from tools
Ensure that automated tests are completed successfully
Configure tools as required to be successful in evaluating VERA (Vendor remote access) applications
Identify and remove any false positives from automated testing tool reports
Triage & Disposition results and enforce a Bug Bar
Verify/validate defect fixes
Provide application security consulting SME Support to developers
Assist developers with understanding of security defects and risk
Assist in defining acceptable solution to fix defects
Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes
Help maintain Security Coding Standards and Bug Bar as required
Assist in the Development of standards as required
Provide training
Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
Develop and review malicious use cases/threat models
Maintain a broad understanding of security technologies and products
Actively participate on improving the security culture and education throughout the organization

Required skills:
5+ years of experience in security applications and systems
Minimum of 5 years of Information Security Engineer/Consultant experience with application penetration testing.
Minimum of 5 years of demonstrated experience with automated penetration tools
Minimum of 5 years of demonstrated experience with manual penetration testing tools
Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization

Desired skills:
Advanced Information Security technical skills
Ability to manage complex issues and develop solutions
Excellent verbal and written communication skills
Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment
Strong analytical skills with high attention to detail and accuracy
Knowledge and understanding of information security industry standards and government regulations
Ability to manage multiple and competing priorities
Ability to work with limited supervision
Ability to take on a high level of responsibility, initiative, and accountability
Good attention to detail and accuracy skills
Strong collaboration and partnering skills
Demonstrated experience developing and reviewing malicious use cases/threat models
Job expectations
Ability to work weekends and holidays as needed or scheduled
Candidate will be required to work onsite at certain facilities in these cities: MN-Minneapolis; AZ-Chandler; NC-Charlotte;NC-Winston Salem; CA - San Francisco


All your information will be kept confidential according to EEO guidelines.

**Please let me know if you might someone to refer or if you are interested for the role.
**Please reply with an updated copy of your resume and preferred time for a call.
**You can call me back at 303.945.3632 .


#J-18808-Ljbffr

Job Tags

Similar Jobs