A bit about you
You like to break things and solve problems. You're constantly learning new techniques, playing with fresh exploit code, owning lab targets, participating in bug bounty programs, speaking at conferences and writing white papers.
A day in the life
At eVAL you'll be breaking into web applications, auditing source code, learning the latest exploits, continually educating yourself on the industry, and most importantly having fun!
We have a strong team environment and are always there to help each other out.
Role & Responsibilities
You will help assist the team by performing application penetration tests. Most of the work can be done remotely, but some jobs will require you to be on site. * Any travel will be accommodated.
Experience & Education
- 3+ years of application security experience
- 1+ year of security consulting experience
- 1+ year of application penetration testing / code auditing
- 1+ year of technical report writing (Anonymized report samples are a plus)
- Understanding of federal and industry regulations (PCI, HIPAA, SOX, GLBA etc)
- Academic focus in Cyber Security engineering or Comp Sci. is a plus, but not required
- Strong verbal/written communication skills
- Self-management and discipline to work independently with minimal guidance
- Alphabet Soup: OSCP/E, OSWE, GPEN, GWAPT, GXPN
- Network Protocol knowledge (TCP/IP, UDP, HTTP[S])
- Demonstrate competency in AppSec tools like: IBM AppScan, Burpsuite Pro, HP Webinspect, OWTF, Accunetix
- Demonstrate abilities in manual web application testing (SQLi/command injection/XSS/etc)
- Past life experience as a developer a plus
- Flexible availability on weekends/evenings
- Flexible availability for on-site and remote engagements
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.