Share this Job

Date: Jan 5, 2018

Location: New Castle, DE, US

Company: NTT DATA Services

Req ID: 8343 

 

At NTT DATA Services, we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees are key factors in our company’s growth, market presence and our ability to help our clients stay a step ahead of the competition. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA Services and for the people who work here.

 

NTT DATA Services currently seeks a Sr. Vulnerability Assessment Analyst, Fort Lauderdale, FL to join our team in New Castle, Delaware (US-DE), United States (US).

 

 

NTT DATA Services, Inc. currently seeks a Sr. Vulnerability Assessment Analyst to support a client in Fort Lauderdale, Florida.

 

Responsibilities:

 

-         Deep-dive application vulnerability assessment using a comprehensive testing process as well as identifying weaknesses and vulnerabilities within the system and proposing/implementing countermeasures

-         Interfacing with development organizations to onboard applications and perform dynamic code reviews using tools like Burp Proxy, IBM AppScan and WebInspect

-         Perform dynamic penetration testing and vulnerability assessment using ethical hacking, security control and countermeasure skills

-         Integration of security tools with build environments to ensure iterative scanning during the SDLC

-         In-depth testing of the security of critical applications & discovering possible gaps using threat model, source code review, application behavior analysis and other security framework or best practices, e.g. OWASP, OSSTMM, NIST publications, SANS/CWE.

-         Subject matter expert in offensive information security specialized in web programming and applications technology.

-         Validating automated testing results and prioritizing them based on the overall risk

-         Verifying findings as needed with application development team and performing application scanning using binaries as well as performing manual source code review for security vulnerabilities

-         Write formal security assessment report for each application using the company's standard reporting format and articulating security issues to technical and nontechnical audience

-         Reporting directly to management for any major flaws identified.

-         Rerun the scans on weekly basis

-         Participating in conference calls with application team to help understand the security risk, if required

 

Requirements:

 

-         3 to 10 years' experience development background in J2EE or .NET & Web frameworks

-         Knowledge of web application technology, e.g. Application Servers, Web Servers, Databases

-         Conducting vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience

-         Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side

-         Conducting one or more of the following functions:

ü  Application vulnerability assessments

ü  Source code review

ü  Application architecture reviews or threat modeling

-         Using tools such as Burp Proxy, IBM AppScan, WebInspect, etc.

-         A basic understanding of security, web based and infrastructure vulnerabilities

-         Experience with IDE's such as knowledge of web servers, application servers, build tools, etc.

-         Knowledge of tools and processes used to expose known and undocumented vulnerabilities in various different systems

o    Understanding and debugging application build/compilation related errors

o    Excellent communication skills (written and verbal) and the ability to communicate with all levels of staff and management

 

Preferences:

-Must have or be willing to obtain Industry accredited security certifications (such as GIAC GXPN, GPEN, GCIH, CISSP, CEH, etc.)

 

Basic Qualifications:

 

-         3 to 10 years' experience development background in J2EE or .NET & Web frameworks

-         Knowledge of web application technology, e.g. Application Servers, Web Servers, Databases

 

This position is only available to those interested in direct staff employment opportunities with NTT DATA, Inc. or its subsidiaries.  Please note, 1099 or corp-2-corp contractors or the equivalent will NOT be considered. We offer a full comprehensive benefits package that starts from your first day of employment.                                                                                

                     

About NTT DATA Services

 

NTT DATA Services partners with clients to navigate and simplify the modern complexities of business and technology, delivering the insights, solutions and outcomes that matter most. We deliver tangible business results by combining deep industry expertise with applied innovations in digital, cloud and automation across a comprehensive portfolio of consulting, applications, infrastructure and business process services.

 

NTT DATA Services, headquartered in Plano, Texas, is a division of NTT DATA Corporation, a top 10 global business and IT services provider with 100,000+ professionals in more than 50 countries, and NTT Group, a partner to 85 percent of the Fortune 100. Visit nttdataservices.com to learn more.

 

NTT DATA, Inc. (the “Company”) is an equal opportunity employer and makes employment decisions on the basis of merit and business needs.  The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law.  To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.

 

 

 


Nearest Major Market: Philadelphia

Job Segment: Developer, Consulting, Application Developer, Java, Cloud, Technology