What are the responsibilities and job description for the Cyber Security Cloud Application Tester - Spring, TX (Hybrid) position at Tek Ninjas?
Job Details
Job title: Cyber Security Cloud Application Tester
Location: Spring, TX
JobType: W2 contract
Duration: 12 months
Location: Spring, TX
JobType: W2 contract
Duration: 12 months
Required Skills:
Testing experience- Manual required Cloud testing- Azure preferred, other cloud is ok
Testing experience- Manual required Cloud testing- Azure preferred, other cloud is ok
Job Description:
Cloud Application Tester
ExxonMobil is seeking a Cyber Security Cloud Tester, to serve as a member of a Vulnerability Testing Team.
Cloud Application Tester
ExxonMobil is seeking a Cyber Security Cloud Tester, to serve as a member of a Vulnerability Testing Team.
key roles and responsibilities:
- Independently execute manual cloud-based vulnerability assessments by analyzing systems to determine the presence of vulnerabilities
- Report findings into tracking system with appropriate risk, quality, and effectiveness
- Interact with customers remediation and validation questions
Skills:
- Possess expert technical understanding of cloud environment including IAM, infrastructure, networking, automation, authentication, and security policies.
- Preferably in Azure and/or AWS
- Be familiar with various security assessment tools, and techniques to level of knowing what they do and how they operate.
- Min 2 years' experience penetration/vulnerability testing of cloud systems in an enterprise environment
- Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc.
- Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc.
- Full grasp and ability to articulate and/or train others on the "OWASP Top 10" and related concepts
- Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners
- Ability to capture and analyze network traffic, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data
- Have a solid grasp of core security fundamentals and concepts, including knowing one's system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
