[Owasp-louisville] Application Security Professional position available in Frankfort KY

Johnson, Ted Ted.Johnson at KEANE.COM
Mon Nov 28 15:45:10 EST 2011


Keane has an open position for a full time, direct-hire, Application Security professional here in Frankfort KY with the following description. If you are interested in the position or know someone who is interested in the position, please drop me an email or give me a call at anytime.

Job Description:

Keane is seeking a web application professional to join our  team.   This position will perform web-security assessments and consultation; therefore SANS certification (or ability to become certified) in GWAPT, GSSP-NET or GSSP-JAVA will be highly desirable and applicable to this position.  CISSP or CISA certifications may also be helpful if accompanied by a strong code development background.

This will be a System Architect skill level position.


*         Analyzes requests for information technology development and prepares long range information technology plans across agency organizational business lines.

*         Provides analytical support for large-scale development projects including overall system design and integration; and performs other duties as required

*         Performs vulnerability application scanning using automated toolsets.

*         Reviews and verifies results using manual penetration techniques where applicable.

*         Provides security guidance to application development teams through education and communication.

*         Works with customers to define the risks found in their applications and to give recommendations as to how to resolve each issue.

*         Provides professional summaries and reports to outline and interpret findings of application security audits...

*         Performs internal research activities to remain current on prevalent threat vectors and regulatory requirements


*         Experience developing web applications or business applications that face the Internet using various code languages

*         Knowledge of the HTTP protocol

*         Experience performing web application security testing and using vulnerability testing tools.

*         Experience with web application firewalls desirable.

*         Will be dealing in a highly de-centralized computing environment.

Notes from the Security team about what this person must know:

  *   Knowledge with automated tool sets such as Web Inspect, Grendal, W3AF, Burp etc.
  *   Hands on application development and architecture experience in either .Net or Java technologies
  *   The ability to work off hours occasionally
  *   Not just a technical background but the ability to act as a liaison to application development teams in order to be diplomatic when you tell them where their applications are vulnerable.
  *   Knowledge of the OWASP top 10
  *   Strong communication skills
  *   Above all, uncompromising ethical behavior

Ted Johnson  |  Keane, an NTT DATA company<http://www.keane.com/>  |  Senior Recruiter  |  O. 502.875.7979  |  C. 502.682.7813 | ted.johnson at keane.com

Disclaimer:  This email message and any attachments are for the sole use of the intended recipient(s) and may contain information that is confidential, legally privileged or otherwise exempt from disclosure under applicable law. If you are not the intended recipient(s) or have received this message in error, you are instructed to immediately notify the sender by return email and required to delete this message from your computer system. This communication does not form any contractual obligation on behalf of the sender, the sender's employer or such employer's parent company, affiliates or subsidiaries.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-louisville/attachments/20111128/b550f98e/attachment-0001.html 

More information about the Owasp-louisville mailing list