US-: Lead Security QA Analyst

SQAFYI - Software QA Resource - FYI

To see other opportunities, please visit http://sqa.fyicenter.com
Date: 30-Mar-2009

Lead Security QA Analyst

What does the job entail?

* Ensure test cases are developed and used for security testing during the QA process. * Assist security personnel in conducting application penetration tests. * Train QA personnel on proper security testing methodologies. * Test applications using open source and commercial security scanners * Document and validate security testing practices in place * Participate in application design meetings * Support security engineering team in testing malware

Are you a good fit?

* Knowledge of open security testing standards and projects, including OWASP * Knowledge of Windows, Linux operating systems and security * Knowledge of MS SQLServer and MySql * Knowledge of ASP.net applications * Knowledge of Java applications * Knowledge of IPS/IDS and Application Firewalls

What do you need to do this job?

* 5 plus years in a QA or system testing position * 2 plus years specializing in security testing

* BSEE or BS in Computer Science Required, MS preferred * Advanced security certification (CISSP, CISM, CISA, CEH or GIAC) required * Experience in utilizing open source and commercial application security scanners

* Strong knowledge of authentication and authorization methods. * Strong knowledge of injection attacks * Strong knowledge of Cross Site Request Forgery (CSRF), Cross Domain Request Forgery (CDRF) and Servicer Side Request Forgery (SSRF)

To apply for this position, please visit this Website.

Thank you,
Team SQAFYI - Software QA Resource FYI
http://sqa.fyicenter.com

US-: Lead Security QA Analyst