Our Client in San Francisco is looking for a Penetration Tester. Below is the job description. If you are interested, please email me a copy of you resume in a Word document along with some good times for us to speak over the phone. Also, if you are not interested but know someone who might be, feel free to forward this posting along.


This is a CONTRACT TO HIRE POSITION and would pay as an FTE approximately 110K. 6 months conversion.



Job Responsibilities:

• Oversee and conduct vulnerability assessments and penetration testing/ethical hacking

• Oversee and perform the review and analysis of security vulnerability data to identify applicability and false positives

• Prepare and distribute security assessment reports to customers

• Research and develop testing tools, techniques, and process improvements

• Perform additional incidental duties as assigned




Job Requirements:

• Bachelor degree in Information Technology/Computer Science, or related disciplines and/or equivalent work experience

• Excellent analytical skills

• Excellent interpersonal, communication, organizational, and project management skills

• Team player with excellent consultative and communication skills, and the proven ability to work effectively with client, internal management and staff, vendors and consultants

• Strong written and verbal communications skills

• Proven ability to communicate technical issues to technical and non-technical business area representatives

• Hands-on experience with commercial and open-source network and application security testing tools

• Experience testing web applications for common security vulnerabilities as defined by OWASP. These include input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues

• Ability to travel

• Approximately 3-5 years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols

• Ability to obtain US Security Clearance

• CISSP certified or the ability to work towards obtaining the certification





Desired

• Script-writing skills (Python, Perl)

• Familiarity with application development (C, C++, .NET, JAVA)

• Experience developing exploits

• Experience with application security source code and design review