Duration: Long term. At least 6 to 12 months+
Complete Description:
1. Install and configure the Acunetix security scanner (with the AcuSensor agent), and run scans against public-facing .NET applications.
2. Interpret results from other scanners such as Hailstorm and Saint, and isolate false positives.
3. Remediate issues, and work alongside vendors and/or in-house developers in remediating them.
4. Use other manual/custom methodologies to perform vulnerability assessments and possibly light penetration attempts at the application and database (SQL) levels.
5. Other related tasks as assigned by the PM or the PM’s designee, such as the IT Security SME.
Skills:
| Skill | Required / Desired | Amount of Experience | Expertise Rating |
|---|---|---|---|
| Experience in application vulnerability testing, including hands-on software code review and remediation, with emphasis on .NET programming. | Required | 7 Years | 3 - Expert |
| Ability to inject security coding into each stage of the Software Development Life Cycle (SDLC). | Required | 4 Years | 3 - Expert |
| Threat modeling | Required | 4 Years | 3 - Expert |
| Hands-on experience with installation, configuration and usage of Acunetix Web Vulnerability Scanner. | Required | 1 Years | 3 - Expert |
| Ability to interpret security scan results from Hailstorm and Saint and isolate false positives. | Required | 5 Years | 3 - Expert |
| Assist with remediation of application security flaws, working alongside application vendors and in-house developers. | Required | 5 Years | 3 - Expert |
| Overall IT software security experience | Required | 10 Years | 3 - Expert |
| Bachelor’s Degree in Computer Science or Computer Engineering | Required | | |
| Master’s Degree in Computer Science with Security or Information Assurance concentration | Required | | |
| CEH - Certified Ethical Hacker Certification | Required | | |
| CSLCP (Certified Software LifeCycle Professional) or GWAPT (GIAC Web Application Penetration Tester) | Required | | |
| Prior experience working as an application security resource for a US Government Agency | Highly desired | 1 Years | 3 - Expert |
| Prior experience working as an application security resource for a US financial institution | Highly desired | 1 Years | 3 - Expert |
| Hands-on experience with Metasploit and other penetration testing techniques. | Highly desired | 2 Years | 3 - Expert |
| Experience setting up and running DB Protect. | Highly desired | 2 Years | 3 - Expert |