Job Title : Sr. Application Security Pentester
Location : New York, NY||Flushing, NY||Dobbs Ferry, NY||Armonk, NY - onsite
Duration: 6 months
Sr. Application Security Pentester
Job Description
· Assisting in technical scoping of security testing activities
· curation and assessment of vulnerability data (across multiple platforms/tools) from a manual penetration perspective, to focus on true exploitation.
· Conducting focused research when not deployed on an active project.
· Provide consultative guidance to customers on findings identified in a clear and actionable fashion both in writing and verbally.
· Architecture Security Analyzing and Threat Modeling as required.
· Curation and assessment of vulnerability data (across multiple platforms/tools) from a code assessment perspective, to ensure false positive review and analysis to provide target results to customers.
· Provide technical guidance in supporting member firms in conducting necessary remedial actions and responding to client vulnerability questions or disclosures.
· Help develop tooling deployment and relevant scanning configurations to enhance practical testing processes.
· Escalates key risks and issues to the relevant Regional Operations Manager which need special attention or hold urgency.
· Operate in the wider organization to drive risk reduction goals and in the continuous improvement vulnerability related services.
· as needed to meet customer requests support code assessment and network infrastructure
· Typical security testing activities:
o Software/Web Application/Web Services penetration testing
o network Penetration Testing
o Mobile Application Penetration Testing
o Thick Client Penetration Testing
o Knows scripting language.
o Review test cases from time to time
· Automated tools like Burp Suite
Minimum Experience – 6 to 8 years
Preferred Certification – CISSP, OSCP/CPT/CEPT/ CMWAPT .
Role Descriptions: Infrastructure Application Penetration Testing resources to perform routine penetration testing of BNP Paribas systems to identify vulnerabilities and ensure compliance with regulators as well as internal information security policy
Essential Skills: 2 RGS for BNPP RFP.Infrastructure Application Penetration Testing resources to perform routine penetration testing of BNP Paribas systems to identify vulnerabilities and ensure compliance with regulators as well as internal information security policy.
Desirable Skills:
Keyword:
Skills: Vulnerability Assessment and Penetration Testing
Experience Required: 6-8