Source Candidate - Java / .Net (Candidate) for Static Application Security Testing

$10-30 USD

Closed

Posted

over 4 years ago

$10-30 USD

Paid on delivery

I have urgent requirement from a client looking for Java / .NET Developer role that needs to be sourced. Type: Full Time Location: US (Multi-location) Responsibility · Core responsibilities include: · Conducting static analysis (source code scanning) · Correlating static and dynamic analysis results and running dynamic scans (penetration testing) · Advising dev teams on secure coding practices for addressing findings · Coding proof of concepts to demonstrate security remediation · Collaborating with application security engineers to tune scanners Job Description Required Skills · Prior experience in source code scanning for security vulnerabilities and manually triaging. · Four year degree in computer science or related field and / or five years' experience in enterprise-grade software development · Extensive enterprise development experience in Java and/or .NET languages · Provable understanding of enterprise architectures and best practices for high-volume, high-availability web / mobile apps · Excellent written and oral communication skills · Understanding of OWASP Top 10 Preferred Skills · Experience with Android / iOS mobile platforms · Experience performing code reviews / reviewing results of static analysis tools · Knowledge of Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) and remediation recommendations Familiarity of vulnerabilities and attack methods, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), SQL Injection (SQLi), etc. and how to identify, trace and remediation the This role must not just be sourced on LinkedIn. It must be sourced across several sources - Boolean, Github (Must be Deep Search). IF YOU DELIVER PEOPLE WITHOUT CAREFULLY CHECKING THE WORK YOU WILL NOT GET PAID. You MUST deliver candidate list in the following format. First Name Last Name Email ID Location of Study University / School Primary Region of Interest Primary Location of Interest LinkedIn Profile GitHub

Android

Mobile App Development

Web Security

.NET

Java

Project ID: 22734412

About the project

3 proposals

Remote project

Active 4 yrs ago

Looking to make some money?

Email address

Benefits of bidding on Freelancer

Set your budget and timeframe

Get paid for your work

Outline your proposal

It's free to sign up and bid on jobs

3 freelancers are bidding on average $27 USD for this job

@vaptsolutions

Have 5+ years of experience in both black box and white box testing penetration testing. Perform VAPT(Vulnerability and penetration testing) services like Web-Application penetration testing; System Application penetration testing; Mobile application penetration testing; Network application penetration testing; social engineering penetration testing etc. Conduct penetration testing in a systematic approach. Follow the standard methodology of the industry like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS to perform penetration testing so that client can concentrate on their professions without worrying about security threats. Web Application Testing: Do web application penetration testing with the latest methodology like OWASP Top-10, SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws(such as SQL, NoSQL, OS, and LDAP injection etc),Broken Authentication, Sensitive Data Exposure,XML External Entities (XXE), Broken Access Control,Security Misconfiguration, Cross-site scripting(XSS), Insecure Deserialization, Using Components with Known Vulnerabilities,Insufficient Logging & Monitoring. Also perform source code reviews for many technologies like java, .NET, PHP etc. Approach for Manual Web-Application Penetration Testing: Conduct manual testing with following controls: Configuration and Deployment Management Testing Identity Management Testing Authentication Testing Authorization Testing Session

$35 USD in 2 days