Ethical Hacker

Company Name:
Salary period: Annual
Job Summary:
The primary goal of the Information Security Ethical Hacker is to help verify that our cloud-based Software-as-a-Service (SaaS) web applications are secure.
Responsibilities include performing threat modeling, security assessments and ethical hacking of our web applications. This role will help produce reports that document the risk of vulnerabilities identified by security assessments and penetration tests for each Product Team and our auditors.
Work in dynamic, fast paced development environment and contribute to the success of our high quality applications.
Responsibilities and accountabilities:
ΓΆΒ ΒΆ Perform automated and manual ethical hacking on web applications
ΓΆΒ ΒΆ Documents all test findings and calculate risks associated with vulnerabilities
ΓΆΒ ΒΆ Work with Product Teams to verify that any identified vulnerabilities are addressed
Keyword: Python
Required Experience:
ΓΆΒ ΒΆ Education equivalent to a Bachelors in Information Security or related Computer Science field
ΓΆΒ ΒΆ Minimum 1 year of experience performing ethical hacking on cloud-based multi-tenant Software-as-a-Service (SaaS) applications
ΓΆΒ ΒΆ Experience creating and maintaining risk-based security assessment and ethical hacking reports
ΓΆΒ ΒΆ Familiarity with the security and testing tools such as Burp Suite
ΓΆΒ ΒΆ Ability to create and read code in a modern object-oriented programming language such as ASP.NET/C# or Python and writing SQL scripts and web code (html/css/javascript/etc.)
ΓΆΒ ΒΆ Demonstrates excellent organizational and prioritization skills
ΓΆΒ ΒΆ Demonstrates excellent test planning preparation skills, including test case creation and execution
ΓΆΒ ΒΆ Demonstrates excellent reporting skills
ΓΆΒ ΒΆ Experience working testing Hybrid Mobile apps using HTML5/PhoneGap is a plus
ΓΆΒ ΒΆ Any experience working with Payroll, HR, Time & Labor Management, and Online Benefits Enrollment applications is a plus
ΓΆΒ ΒΆ A relevant certification such as a Certified Ethical Hacker, Licensed Penetration Tester (LPT), or CISSP is a plus
From: Paylocity

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.