Role : Product Security Engineer/PENETRATION TESTING

Location : Boston, MA (Onsite)

Long term contract

Must Have Skill : PENETRATION TESTING AND QNX AND DDS / "DATA DISTRIBUTION SERVICE") AND ("WIRESHARK")

Technical Skills:

• The ability to perform penetration testing activities on one or more of the following independently: Web Applications, Cloud Infrastructure, IT Infrastructure, Mobile and Embedded Operating Systems, and Applications

• Familiar with Pen testing tools: (e.g., Nessus, Nexpose, Metasploit, nmap, BurpSuite, Kismet, Nipper, Wireshark and Kail)

• A broad knowledge of attack vectors exploits and mitigations that work at scale or may be linked together for chained attacks.

• Strong understanding of CI/CD pipelines and experience with integrating security testing into automated build processes.

• An understanding of security monitoring assessments

• A good understanding of Windows/Linux-based operating systems and networking

• Familiarity with cloud computing models, technologies, and concepts

• Skills with some of the following: Bash, PowerShell, Python, Go, Assembly, C/C , C#, JavaScript, Java

Experience with development tools such as compilers, emulators/JTAG, and debuggers

Demonstrating good working knowledge of embedded security best practices and the secure development lifecycle.

Involved in development using SSL/TLS encryption.