Team and Role Overview
We have an opening for an experienced, customer facing developer or PEN Tester / Technical PM to help serve clients on the front lines during the incubation of a new web-focused dynamic application security testing (DAST) offering that is being taken to market by our client. If you are passionate about web technology and development, and even more passionate about web security, that is, making the web safe for users, we want to connect with you!
Responsibilities
- Working with large corporate customers (think Fortune 1000) to understand their web applications
- Scanning customer applications with our prototype scanner
- Learning to tune/train the scanner for optimal coverage
- Leveraging data to provide product feedback on coverage, performance, efficiency, and results
- Analyzing results to assess target web application and API security
- Preparing and delivering customer reports; communicating results to customers
- Summarizing the overall findings for internal discussion
- Providing input to the product planning process
Skills/Experience
- Solid understanding of modern and legacy web architectures
- Runtimes like Node.js, .NET, JVM
- Frameworks like MVC, ASP.NET, Angular, React
- Web services using REST, JSON, XML, SOAP
- Authentication protocols like SSO, HTTP (Basic, Digest, NTLM), Kerberos, OAuth, TLS/X509
- Test frameworks and technologies like Selenium, protractor, macros, etc.
- Development languages like HTML, JavaScript, Typescript, C#, Java, etc.
- Experience in defensive and offensive web security
- Basics – vulnerability classes like OWASP Top 10, keeping up to date with trends and threats
- Hardening – threat modeling, assessing least privilege, crypto best practices, defensive coding
- Auditing – reviewing a site code and configuration to ensure security best practices and safety
- Penetration testing – tools and techniques to thwart web defenses
- Experience with common CI/CD and DevOps/DevSecOps platforms and modern dev workflows
- The ideal candidate will also:
- Possess technical writing and communication skills
- Show discretion when interacting with customers and vendors, as our planning/decision-making is ongoing
- Be adept and dealing with ambiguity, thinking on one’s feet
- Schedule and deliver on tasks in a timely manner
- Thrive in a fast-paced, small-team atmosphere
About Kalles Group
Kalles Group is a consulting and solutions firm that specializes in cybersecurity, business and information technology services. We combine a focus on alignment with domain expertise to deliver pragmatic results with a purposeful experience for our customers and consultants. Kalles Group is a platform for you to become someone better through your work.
Next Steps
No needless hoops to jump through, apply today or email a resume to chrisa@kallesgroup.com.
by via developer jobs - Stack Overflow
No comments:
Post a Comment