Senior Security and Vulnerability Tester

Job Location

Alexander City - USA

Salary

Not Disclosed

Job Description

Role: Senior Security and Vulnerability Tester (Liferay Portal)
Location: Austin TX
Duration: 6 Months
Type: FTC

Below are the five key testing skills needed for this role. Please prioritize these:

  1. Vulnerability Scanning
  2. Penetration Testing (Pen Testing)
  3. Static Application Security Testing (SAST)
  4. Dynamic Application Security Testing (DAST)
  5. API Security Testing

Job Description: Senior Security and Vulnerability Tester (Liferay Portal)

Job Summary:

We are seeking an experienced Senior Security and Vulnerability Tester specializing in Liferay Portal to join our team. The ideal candidate will be responsible for ensuring the security of our Liferay Portal through rigorous security testing, vulnerability assessments, and penetration testing. This role requires deep knowledge of application security, vulnerability scanning, and the ability to identify, analyze, and mitigate security risks in a Liferay-based environment.

Key Responsibilities:

  1. Vulnerability Scanning:

Conduct regular vulnerability scans using tools like Nessus, InsightVM, and Qualys to identify security flaws in Liferay and its supporting infrastructure.

Analyze scan results and collaborate with development teams to patch and resolve identified vulnerabilities.

  2. Penetration Testing:

Perform comprehensive penetration testing on the Liferay Portal to uncover vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).

Utilize tools such as Burp Suite, Metasploit, and OWASP ZAP to simulate real-world attacks and assess system resilience.

  3. Static Application Security Testing (SAST):

Review the source code of Liferay components and custom modules using tools like SonarQube, Checkmarx, and Fortify to identify insecure coding practices.

Provide recommendations for improving code security and conduct regular audits of newly developed code.

  4. Dynamic Application Security Testing (DAST):

Perform dynamic application security testing to identify runtime vulnerabilities in the Liferay Portal using tools like OWASP ZAP, Netsparker, or Acunetix.

Validate the effectiveness of security controls in real time and recommend remediation strategies.

  5. API Security Testing:

Assess the security of APIs integrated with the Liferay Portal for authentication, authorization, and data exposure vulnerabilities.

Use tools like Postman, Burp Suite, or OWASP API Security Testing Guide to evaluate API endpoints for common vulnerabilities such as broken authentication and insecure direct object references.

  6. Configuration Auditing:

Perform security configuration audits of the Liferay portal and server environment, ensuring compliance with industry best practices (SSL/TLS, role-based access control, etc.).

Identify and mitigate security misconfigurations that could expose the portal to potential attacks.

  7. Cross-Site Scripting (XSS) and Injection Testing:

Perform specialized testing to detect XSS, SQL Injection, and other injection vulnerabilities in the portal.

Work closely with development teams to ensure proper input validation and security mechanisms are in place.

Required Skills and Experience:

  • 5 years of experience in application security testing, including vulnerability assessments and penetration testing.
  • Hands-on experience with Liferay Portal security testing.
  • Proficiency in vulnerability scanning tools such as Nessus, OpenVAS, or Qualys.
  • Strong knowledge of penetration testing tools like Burp Suite, OWASP ZAP, Metasploit, and Kali Linux.
  • Expertise in Static Application Security Testing (SAST) using tools like SonarQube, Fortify, or Checkmarx.
  • Familiarity with security configuration best practices (SSL/TLS, RBAC, database security).
  • Proven experience in detecting and mitigating Cross-Site Scripting (XSS), SQL Injection, and other common web vulnerabilities.
  • Understanding of OWASP Top 10 vulnerabilities and how to prevent them.
  • Strong problem-solving skills and attention to detail.

Preferred Qualifications:

  • Experience with cloud-based environments (AWS, Azure) and container security.
  • Familiarity with DevSecOps practices and tools for integrating security into the SDLC.

Employment Type

Full Time
