Position - Contract - Remote (Montpelier, Vermont) VT - State Government Project
Must Provide 3 References
Required
• Proven experience in web application penetration testing in enterprise environments
• Strong working knowledge of OWASP Top 10 Web Application Security Risks
• Experience performing manual and automated vulnerability testing and exploitation
• Hands-on experience testing authentication, authorization, and session management controls
• Experience identifying and exploiting vulnerabilities such as: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Path Traversal, XML/XPath Injection
• Experience conducting API security testing (REST/SOAP services)
• Ability to perform business logic security testing
• Experience generating risk-ranked technical reports with remediation recommendations
Preferred
• Experience with Salesforce, MuleSoft, and Okta security testing
• Experience with business logic exploitation testing
• Familiarity with OSSTM methodology
• Experience working with State/Government agencies
• Strong documentation and reporting skills
Specific Skills:
• Web application penetration testing
• API security testing (MuleSoft)
• Authentication & Authorization testing
• Session management review
• SQL Injection, XSS, CSRF testing
• SSL/TLS & certificate analysis
• Business logic flaw testing
• Vulnerability exploitation & validation
• Tools: Burp Suite Pro, Metasploit, SQLMap, Nessus.
If this opportunity aligns with your background and career goals, please respond with your updated resume and contact details to
[email protected]. You may also feel free to reach out at 972-433-6033, Ext. 1005.
This is a remote position.