UNSUBSCRIBE !!!

• Original Message ----- From: Keith Allison <keith@nc-inc.com> To: <securityjobs@securityfocus.com> Sent: Tuesday, April 08, 2003 9:14 AM Subject: Job: Application Security Consultant

Application Security Consultant

Salary: $80K-$100K base

Location: Dulles, VA. Travel up to 40%

The Application Security Consultant identifies technical strategies for minimizing application software vulnerabilities. Typical activities include: - Meeting with client's technical staff to understand the architecture of the application. - Performing application security audits. - Software source code reviews using automated vulnerability testing tools and manual review of code. - Providing risk mitigation strategies For example, an Application Security consultant may work with a Stock Brokerage firm to ensure their online trading application written in J2EE with an Oracle backend is secure from common vulnerabilities such as buffer overruns, cross-site scripting attacks and SQL injection attacks. Candidates should be familiar with tools that find vulnerabilities in source code such as: WhiteHat Arsenal 1.05, Sanctum AppScan SPI Dynamics WebInspect ITS4 KaVaDo ScanDo @stake Web Proxy ...and have attended conferences such as Black Hat, Defcon or SANS. Travel to client sites across North America required. Successful candidate has proven experience working as an application security consultant for a firm like @stake, Foundstone, Cenzic, Accenture, CapGemini, etc.. Please note that my client also has a variety of other openings that are listed at http://nc-inc.com/jobs.htm

All discussions are confidential.

Keith Allison
Executive Recruiter
Net-Consultants
jobs@nc-inc.com
http://nc-inc.com

Net-Consultants is a search firm that helps companies proactively recruit the best talent. Clients include pre-IPO firms funded by VC's including Mid Atlantic Venture Funds, New Enterprise Associates and Mohr Davidow Ventures. Received on Tue Apr 8 13:13:46 2003

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek