JavaScript C++ C# Mobile Application Developer Database Management Tool Analyst
 
Requirement id 21330
Job title Analyst
Job location in Washington, DC
Skills required Information Security Services, Web Applications, JAVA SCRIPT, C++ C# Mobile Application Developer Data
Open Date 21-Oct-2014
Close Date
Job type Contract
Duration 12 Months
Compensation DOE
Status requirement ---
Job interview type ---
   Email Recruiter: coolsoft
Job Description Analyst: Information Security Services, Web Applications, JAVA SCRIPT, C++ C# Mobile Application Developer Data

APPLICATION VULNERABILITY MANAGEMENT ANALYST

Roles and Responsibilities:
Manage, modify and tweak the application and database security scan profile as per the Fund's baseline standards.
Perform security analysis of the different layers of the systems (application and database layers) by performing manual testing and automated system vulnerability assessment scans using various web, application, operating system and database vulnerability scanners (IBM AppScan and Guardium Database Scanner).
Perform application security testing on both native and web-based mobile applications on different mobile platforms (iOS).
Review the security architecture of Fund systems and create security test plans based on existing and planned controls and recommendations.
Review scanner reports and work with the application development community to remediate issues following a risk based approach.
Work with DBA and application development teams to discuss vulnerabilities, recommending and monitoring remediation activities.
Maintain detailed documentation of test procedures and findings in the Vulnerability management system.
Perform manual vulnerability assessment and penetration testing of applications, produce a report and walk the development team through the issues.
Continuously monitor the published vulnerabilities for the various application, operating system and database layers. Analyze the impact of the vulnerabilities on the Fund's environment and publish advisories accordingly to the different stakeholders in the Fund.
Based on the publicly disclosed vulnerabilities, determine the patching priority and notify the stakeholders. Review the applied patch by scanning for the disclosed vulnerabilities.

Selection Criteria:
Academic/professional training to at least a Bachelor's degree or its international equivalent, preferably in Computer Science or Computer Engineering (Mandatory);
At least 5 years of practice as an Information Security Engineer (Mandatory);
At least 3 years of hands-on testing of application security (Mandatory);
Possession of industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP), and Information Systems Security Management Professional (ISSMP) (Mandatory);
Demonstrated knowledge of running application testing tools (IBM AppScan, Guardium Database Scanner), identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform-specific remediation plans (Mandatory);
Proven level of understanding of web application technologies (Java, .NET) and database management systems (Oracle, MS SQL) and related security concepts (Mandatory);
In-depth knowledge of common website vulnerabilities such as SQL injection, cross-site scripting, remote/local file inclusion, etc.; in-depth knowledge of common website exploit techniques such as character encoding, privilege escalation, directory traversal, etc. (Mandatory);
Experience with testing ERP solutions (e.g. PeopleSoft) (Optional);
Experience with security vulnerability evaluation of proposed implementations of COTS solutions and application middleware (including collaboration tools like SharePoint, etc.) (Optional);
Demonstrable skills in identifying and mitigating security weaknesses, and incorporating security into enterprise software development lifecycles (Optional);
Proven level of understanding of Windows and UNIX operating systems and operation/configuration of common web servers such as IIS and Apache is a plus (Optional);
Proven level of understanding of HTML, JavaScript, PHP, Java, C++, C# is a plus (Optional);
Proven level of understanding of social collaboration, documentation or web content management platforms is a plus (Optional);
Proven le
 
Call 502-379-4456 Ext 100 for more details. Please provide Requirement id: 21330 while calling.
 