Manager Penetration Testing & Red Team
- Serve as the domain expert to assess web applications for security risks
- Perform manual and automated scanning and security analysis QualysGuard platform to find web application vulnerabilities
- Lead ethical hacking and penetration testing sessions and remediation efforts
- Work with engineering teams during application development process to adopt secure design and coding practices
- Develop and extend tools that support investigation and improve web application security posture
- Collaborate with other security and product experts in Qualys to add new capabilities to QualysGuard product suite.
- Bachelors/Masters degree in Engineering, Information Security, Information Assurance, Network Security or related field
- 5+ years of strong application security experience with thorough understanding of web application vulnerabilities
- A passion for ethical hacking and vulnerability research
- Knowledge of secure coding principles and practices for web applications
- Hands-on experience with application security assessment methodologies and tools
- Expert knowledge of information security principles, web applications and malicious code and common techniques used by hackers
- Knowledge of cloud-based infrastructure and how it affect security implementations
- Experience with application security practices and methods such as OWASP, WASC etc.
- Experience using vulnerability assessment scanners and source code analysis tools such as QualysGuard, Burp Suite, Paros, Samurai WTF, and Kali Linux.
- Excellent problem solving and analytical skills; outstanding oral and written communication skills
- Self-motivation and the ability to work under minimal supervision are a must
- Programming knowledge - PHP, Java, Python, or Go