Foot Locker – Vulnerability Management Pentester – USA
Other Jobs To Apply
No other job posts for this day.
Job title: Vulnerability Management Pentester
Company: Foot Locker
Job description: Overview
This role is 100% REMOTE - Must be based in US
Our global house-of-brands inspires and empowers youth culture. Relentlessly committed to fuel a shared passion for self-expression, we create unrivaled experiences at the heart of the sport and sneaker communities through the power of our people. If you want to be a part of something bigger than you can imagine, you’ve come to the right place. To learn more about the incredible impact we’re making on both our local and global communities,
SUMMARY OF POSITION:
A Foot Locker Vulnerability Management Pentester is responsible to help drive the corporate vulnerability management program. This role will utilize industry standard tools to identify vulnerabilities in live web applications, as well as applications under development. They will work with business partners to analyze, prioritize and mitigate vulnerabilities in our corporate, store and e-commerce platforms. Must be an experienced professional able to work together with application teams, technical teams, and various areas of the business.
Define a reporting cadence and conduct periodic evaluations of risk decisions associated with prior documented risk exceptions. Additionally, track and report any vulnerabilities that exceed SLAs to drive the exception and risk escalation process.
Responsibilities
RESPONSIBILITIES:
- Perform code reviews to identify critical flaws in applications and web applications.
- Utilize industry standard tools to identify vulnerabilities in live applications.
- Utilize industry standard tools to identify vulnerabilities in code under development.
- Determining priority and criticality of vulnerability remediation based on analysis.
- Work with business partners to make recommendations and provide guidance for remediation.
- Compile and track vulnerabilities over time for metrics purposes.
- Adhere to all corporate security policies and standards as they relate to job duties.
SKILLS & KNOWLEDGE:
- Must have application development experience. (Java, JavaScript, TypeScript, NodeJS, SWIFT, C/.Net)
- Must have experience with automated vulnerability scanning tools. (Network, System, Static/Dynamic code analysis.)
- Must understand the OWASP Top 10 Web Application Security Risks
- Must demonstrate the ability to professionally communicate in verbal and writing skills.
- Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security.
- Must Proficient in scripting and automation tools, including Python.
- An Associate’s degree or higher from an accredited university or college with course work in Information Security, Information Management Systems, or Networking OR equivalent IT experience
- Certified Vulnerability Assessor (CVA), GIAC Certified Web Application Defender (GWEB), Cyber Security Source Code Defender Certificate (CSCSD), Certified Secure Software Lifecycle Professional (CSSLP) or similar industry certification
#LI-RD1
Expected salary:
Location: USA
[ad_2]
