Hybrid Opportunity || Security Consultant || Dallas, TX || Full Time only

Role: Security Consultant

Location : Dallas, TX- Hybrid

Mode of Hire: Full Time

Job Description:

Need strong Vulnerability Assessment & Penetration Testing, particularly in API Pen-testing exp

1. Good understanding of OWASP top10 vulnerabilities

2. Burp scanning procedures.

3. Penetration testing skills,

4. In depth understanding between risk severity and probability

5. Describe specific steps or methodology for identified risk remediation.

6. Vulnerability identification and remediation ,

7. Risk frameworks,

8. Mitigation and remediation strategies,

9. Concepts of SAST, DAST, DEVSECOPS.

Responsibilities and Day to Day View Execute vulnerability assessment of applications via automated and manual techniques to understand the risk and security posture of the applications in pre prod and prod envs. Perform security analysis and identify new engineering standards for cloud, on prem, and/or mobile applications based on modern HTTP based web applications and microservices that improves security posture. Analyze HTTP request/response data and collaborate knowledge with technology teams to find root cause and hardening opportunities. Conduct, lead and handoff incident response activities (triage, communications, containment, root cause analysis, remediation) Assess, triage and prioritize security detections from logs and monitoring alerts for suspicious or anomalous activity including bot traffic Review application design, architecture and configuration from security standpoint and provide recommendations based on security best practices Research, design, and develop solutions meeting internal and external compliance, security requirements and standards for Site Security & Reliability Engineering Drives defense in depth security for the organization to protect critical IT assets and data Understands cryptography and encryption of data stored and transmitted. Logging, monitoring, and responding to detected incidents. Serving as the voice of the customer to the development and system support teams in implementing new features or resolving security issues that exist in technology implementations. Required Qualifications Ability to conduct creative and in depth manual security testing (ethical hacking). Identifies critical security gaps and drives them to resolution within required timelines. Ability to write and develop security and infrastructure Security standards and requirements Ability to use automated scans to identify security vulnerabilities and configuration gaps Exceptional ability to communicate and drive progress on compliance by influencing action owners and tracking progress with reports, dashboards and other tracking mechanisms. Ability to program and automate communications and notifications to action owners At least 2 4 years experience in working in Azure cloud, information security, PCI and SOC compliance Perform security analysis of cloud configurations Experience in Application Security Testing, using automated SAST Scanners (Veracode Preferred), DAST Scanners (AppScan Enterprise Preferred) and Pen Testing tools, like BurpSuite. Familiarity with investigative technologies such as log analysis, HTTP debugging tools Familiarity with tools such as Splunk, EFK, Dynatrace, QuantumMetric, and any Web Application Firewall (WAF)

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.