Harrisburg, PA, United States
Length and terms:
Long term - W2 or C2C
Position created on 05/21/2022 05:30 am
*** Very long term project; Long term - usually goes for 3+ years***Webcam interview; initial remote due to covid then onsite *** 37.5 hours per week ***
The Enterprise Information Security Office (EISO) is looking for a candidate to provide assistance in conducting vulnerability scanning of new and existing applications. The selected candidate will be responsible to the EISO Program Manager. They will work as part of the EISO team to assist with these efforts across both the enterprise and the agencies.
Currently the selected candidate will be teleworking. At some time in the future, however, the selected candidate may be required to work in Harrisburg, PA, at 5 Technology Park.
The selected candidate will
- Report directly to and take direction from the EISO Program Manager
- Participate in planning sessions with vulnerability staff
- As needed, assist the EISO staff in coordination efforts across independent scanning efforts at the Enterprise and at other business units and agencies.
- Create reports and recommendations from your findings, including the security issues and the associated risks with those findings.
- Provide recommendations for security related findings and how to mitigate risks associated with those findings
The selected candidate shall have
- 2+ years of experience with application testing tools, static and dynamic analysis
- Proven experience in identifying and exploiting business logic and framework related vulnerabilities in removing false positives, and analyzing dynamic scans
- Ability to clearly articulate findings from tests and apply findings to Commonwealth policy
- Knowledge of secure SDLC, CI/CD and Security standards such as OWASP application security verification standard, NIST and CWE.
- Practical experience with a scripting language, .NET, Java, SQL, etc.
- Knowledge of
- Program management
- Microsoft Office, including
- People skills to work smoothly with both technical and business leadership
Contact the recruiter working on this position:
The recruiter working on this position is Ram Shailender
His/her contact number is
His/her contact email is email@example.com
Our recruiters will be more than happy to help you to get this contract.