INFO SECURITY ENGINEER 5 (Penetration Testing)

Top financial company.

Locations:            MN-Minneapolis; AZ-Chandler; NC-Charlotte;NC-Winston Salem; CA - San Francisco
Type:                   Contract
Duration:             3 months

Job description:
• Conduct dynamic application security testing using both manual and automated testing tools.
• Review test results from tools
• Ensure that automated tests are completed successfully
• Configure tools as required to be successful in evaluating VERA (Vendor remote access) applications
• Identify and remove any false positives from automated testing tool reports
• Triage & Disposition results and enforce a Bug Bar
• Verify/validate defect fixes
• Provide application security consulting SME Support to developers
• Assist developers with understanding of security defects and risk
• Assist in defining acceptable solution to fix defects
• Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes
• Help maintain Security Coding Standards and Bug Bar as required
• Assist in the Development of standards as required
• Provide training
• Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
• Develop and review malicious use cases/threat models
• Maintain a broad understanding of security technologies and products
• Actively participate on improving the security culture and education throughout the organization

Required skills:
• 5+ years of experience in security applications and systems
• Minimum of 5 years of Information Security Engineer/Consultant experience with application penetration testing.
• Minimum of 5 years of demonstrated experience with automated penetration tools
• Minimum of 5 years of demonstrated experience with manual penetration testing tools
• Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization

Desired skills:
• Advanced Information Security technical skills
• Ability to manage complex issues and develop solutions
• Excellent verbal and written communication skills
• Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
• Knowledge and understanding of banking or financial services industry
• Experience working in a large enterprise environment
• Strong analytical skills with high attention to detail and accuracy
• Knowledge and understanding of information security industry standards and government regulations
• Ability to manage multiple and competing priorities
• Ability to work with limited supervision
• Ability to take on a high level of responsibility, initiative, and accountability
• Good attention to detail and accuracy skills
• Strong collaboration and partnering skills
• Demonstrated experience developing and reviewing malicious use cases/threat models

Job expectations
• Ability to work weekends and holidays as needed or scheduled​​​​​​
Candidate will be required to work onsite at certain facilities in these cities: MN-Minneapolis; AZ-Chandler; NC-Charlotte;NC-Winston Salem; CA - San Francisco

All your information will be kept confidential according to EEO guidelines.

**Please let me know if you might someone to refer or if you are interested for the role.
**Please reply with an updated copy of your resume and preferred time for a call.
**You can call me back at 303.945.3632.