Security Testing Engineer / Penetration Tester

Location: Onsite 3 days a wk; Hybrid – Office location is Seattle WA or Addison TX

Required Pay Scale: $60-65hr W2

***Due to client requirements this role is only open to USC or GC candidates***

QA related projects in Cybersecurity domain i.e. Identity and Access Management, Risk, Compliance, Audit etc. Provide analytical support in executing internal control discipline and operational excellence

Role Responsibilities:

• As a Security Engineer/Tester, you will be performing authorized security testing on some of the very complex, massive scale, and highly critical applications.

• You must be self-directed, able to work independently, as well as work in a team-oriented and fast paced environment.

• You need to be aware of a varied application security domains like authentication, authorization, identity management, cryptography, etc.

Required Qualifications

• 3 year of experience in software development/testing with large-scale enterprise applications.

• Primary Skill - Manual and automated testing (testing will be done on software)

• Deep understanding of different web application technologies, web protocols (HTTP, HTTPS, etc.), browser technologies, etc.

• In depth domain understanding of application security in terms of Identity and Access Management (IAM), different authentication technologies (passwords, biometrics, OTP, digital certificates & PKI, device authentication, FIDO U2F/Passkeys, etc.

• Proven expertise on different security testing tools (Proxy tools like Fiddler, Black box security testing tools like Burp, Static Security Code analysis tools,

• Deep understanding of different application security vulnerabilities such as OWASP Top 10, SANS Top 25, CWE, attack patterns (CAPEC), etc.

Desired Qualifications

• Working experience on different security technologies and standards like Single Sign On (SSO) using SAML/OpenID, OAuth protocols, etc.

• Good understanding of Cryptographic algorithms and standards like Symmetric/Assymetric crypto techniques, digital signatures, JWS/JWE tokens, Hardware Security Modules (HSMs), etc.

• Understanding of Security vulnerabilities related to Cloud environments is an added advantage.

• Well known Security certifications is an added advantage

• Understanding of Threat Modelling concepts and Secure Development Life Cycle processes.

• Mobile Application Security familiarity is desirable

About Matlen Silver

Experience Matters. Let your experience be driven by our experience. For more than 40years, Matlen Silver has delivered solutions for complex talent and technology needs to Fortune 500 companies and industry leaders. Led by hard work, honesty, and a trusted team of experts, we can say that Matlen Silver technology has created a solutions experience and legacy of success that is the difference in the way the world works.

Matlen Silver is an Equal Opportunity Employer and considers all applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, veteran status, the presence of a non-job-related medical condition or disability, or any other legally protected status.

If you are a person with a disability needing assistance with the application orat any point in the hiring process, please contact us at email and/or phone at info@matlensilver.com // 908-393-8600