Kelly Services Security Analyst in The Woodlands, Texas
Location: Houston, Texas; Hughes Landing
Position title: Application Security Analyst – Expert Level
Length of contract: 1 year
Years of experience (minimum/maximum): Min 6 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment
Min 6 years of experience penetration/vulnerability testing for web and thick-client applications in an enterprise environment
Strong understanding of web technologies, e.g. HTTP, HTML, CSS, Forms, Database Connectivity, etc.
Understanding of compliance and regulatory requirements such as PCI DSS, SOX, HIPAA, etc.
Full grasp and ability to articulate and/or train others on the “OWASP Top 10” and related concepts
Minimum 6 years of experience with programming and/or scripting in one or more of the following languages: .NET, Java, PHP, Ruby, Perl, Bash, or similar language
Minimum 6 years of experience with SQL, including a strong understanding of SQL syntax and the ability to perform basic management of MS SQL databases
Ability to perform manual web application vulnerability assessments without the use of automated tools such as web application scanners
Ability to capture and analyze network traffic at all seven layers of the OSI model, including ability to discern whether said network traffic contains vulnerabilities and/or sensitive data
Have a solid grasp of core security fundamentals and concepts, including knowing one’s system, defense in depth, the principle of least privilege, access control, encryption and cryptography, security architecture and design, business continuity and disaster recovery, etc.
Minimum 6 years of experience with enterprise-level security control implementations, including Network Intrusion Detection/Prevention (NIDS/NIPS), Corporate Antivirus, Enterprise Web Filtering, Data Loss Prevention, Insider-threat Mitigation, Botnet Detection, etc., as well as demonstrable knowledge of the principles and techniques used to bypass said controls.
Ability to create extremely high quality written reports containing the findings from web and thick-client vulnerability assessments, as well as the ability to articulate those findings to peer technical staff as well as various levels of management
Preference is for candidates with two or more of the following certifications: GSEC, GWAPT, CISSP, GPEN, GXPEN, CISA, CISM, OSCP, OSCE
Why Kelly ® ?
By partnering with Kelly® IT, you’ll have direct connections to top companies around the globe—giving you the chance to put your tech skills to work on some of today’s most intriguing, innovative, and high-visibility projects. In a world where change is the only constant, our unparalleled connections and IT market expertise help you take your skills exactly where you want to go. We’re here to help you gain experience, keep learning, and move your career forward.
About Kelly ®
At Kelly, we’re always thinking about what’s next and advising job seekers on new ways of working to reach their full potential. In fact, we’re a leading advocate for temporary/non-traditional workstyles, because we believe they allow flexibility and tremendous growth opportunities that enable a better way to work and live. Connecting great people with great companies is what we do best, and our employment opportunities span a wide variety of workstyles, skill levels, and industries around the world.
Kelly is an equal opportunity employer committed to employing a diverse workforce and providing accommodations for people with disabilities in all parts of the hiring process as required under its Employment Accommodation Policy. Kelly will work with applicants to meet accommodation needs that are made known to Kelly in advance.
- Kelly Services Jobs