Calance is currently looking for a strong Cloud Security Engineer, working from home to join the global team of one of our clients for a permanent role. The ideal candidate will have expertise in application and network security to ensure that the client’s internal and external applications, websites, services, mobile applications, and other computing resources are designed and implemented. The Cloud Network Engineer must be equipped to telecommute and be self-driven. Roles Responsibilities – Ideal candidates must be looking to be challenged and have the ability to adapt to scenarios and tasks quickly – Conduct security assessments and penetration tests across the organization and beyond, both manually and through automated tools, in order to ensure the security of our applications, systems, and networks.
Promote secure Software Development Lifecycle (SDLC) habits. – Able to work in a remote function and be part of a remote based team – Participate in Incident Response efforts as necessary and related Red vs. Blue activities. – Ensure the security hardening and vulnerability patching of the organization’s networks and infrastructure.
Perform vulnerability assessments and code reviews, advise engineering and management with pragmatic risk mitigation plans. – Provide technical help to distributed personnel who are responsible for the development, deployment, administration, and security of the organization’s applications, services, and networks. – Stay informed about the latest developments in the information security field, including new products and services, through on-line news services, technical magazines, professional associations, industry conferences, training seminars, and other information sources. – Follow and participate in vulnerabilityexploit research.
Requirements – Extensive experience conducting vulnerability assessments, code reviews and penetration tests against web application technologies, services, platforms and languages to find flaws and exploits (e.g., Cross-Site Scripting, SQL Injection, Cross-Site Request Forgery – Authentication Authorization and Business Logic Bypass, OWASP Top 10, CWESANS top 25, PCI, etc.) – Secure software development experience andor training and knowledge of SDLC methodologies – Experience with vulnerability assessment tools and penetration testing techniques. (e.g., web application scanners, static source code analyzers, web application proxies, infrastructure network vulnerability scanners , packet capture and analysis software, network mapping and port scanners, exploit automation platforms, OWASP, OSSTM, WASC, website configuration best practices, etc.) – Solid programming debugging skills with proficiency in one or more of the following Java, JavaScript, XML, PHP, ASP.NET, AJAX, Objective-C, and other scripting languages. Experience as a developer preferred. – Knowledge of vulnerabilities in various operating systems, databases, and networks, in relation to hardening, configuration, deployment, and administration.
Subject matter expertise in general information security, cryptographic principles, common communication protocols, information systems auditing, computer forensics, packet analysis, mobile frameworks, intrusion detectionprevention systems and techniques, and security incident response handling. – Exceptional written and oral communication skills, including the ability to compose concise and accurate assessment and audit reports while being able to explain attacks and root cause of vulnerabilities to technical staff and upper management. – Actively contribute within a team of security professionals, as well as the capability to work independently with limited direction. This position offers a very attactive benefits package, 401k matching, health, dental and vision.
Join the team today! Please send resumes to AChaudharyCalance.com for immediate consideration!! Regards, Ajey Chaudhary Sr. Consultant- Recruitment Calance A CMMi Level 5 Company www.calance.com httpwww.calance.com Cell404-382-0530 vulnerability assessments, code reviews and penetration tests