JD:
1. Automated vulnerability scanning to establish a baseline health check of an application, using tools such as Traceable, Burp Suite, and Tenable Web Application Scanner
2. Manually driven ethical hacking, using a variety of low-level tools including open source and custom utilities and scripts, specifically targeting known areas of risk, guided by the Client methodology and the current state of known vulnerabilities and exploits
3. Producing a report describing the vulnerabilities identified, the risks they represent, and their level of criticality. The team will perform retests on remediations completed by the business as per SLAs.
4. Developing new utilities and scripts addressing recently discovered vulnerabilities
5. Incorporating new information, risks, and procedures in the methodology
6. Maintaining current awareness of newly identified vulnerabilities and exploit techniques
7. Collaborating with the other members of the Application Security team and with Client development team colleagues to improve both the effectiveness of the penetration testing program and the security posture of the applications.
Any Graduate