Join our Facebook group
👉 Remote Jobs Network
Hybrid Pathways
Identifying, Connecting and Protecting Digital Assets
Enterprise IT Consulting • Public Cloud Infrastructure • Enterprise Networks • Hybrid IT Architecture • IT Security
11 - 50
Cloud-Based Web APIs Penetration Testing Consultant
August 27
Hybrid Pathways
Identifying, Connecting and Protecting Digital Assets
Enterprise IT Consulting • Public Cloud Infrastructure • Enterprise Networks • Hybrid IT Architecture • IT Security
11 - 50
Description
• Conduct testing for web APIs for indirect object access permissions and controls on AWS • Write RSpec tests in Ruby to ensure code quality • Set up API endpoint calls using Postman • Create Python scripts for reporting and triaging issues • Establish a test environment to confirm test case validity • Research API endpoint functionality • Verify API endpoint functions meet specified requirements • Identify endpoint owners by reviewing code and documentation • Troubleshoot issues to maintain testing operations • Analyze test results and report defects • Enhance test automation by updating test framework • Communicate progress via regular status reports • Collaborate with API developers • Document and report penetration testing results and findings • Support remediation of identified vulnerabilities • Collaborate with Information Security teams • Validate and enhance testing protocols, tools, or scripts • Independently handle complex issues with minimal supervision • Provide guidance and recommendations for security remediation • Develop comprehensive and accurate reports and presentations
Requirements
• 5+ years experience conducting penetration testing • 3+ years experience conducting vulnerability analysis • Proficiency in writing automated tests using RSpec • Strong knowledge of Ruby programming language • Working knowledge of Python and possibly some familiarity with other languages • Experience with API testing tools such as Postman • Ability to set up and maintain test environments • Skills in identifying, diagnosing, and resolving issues • Familiarity with version control systems like Git • Experience with defect tracking and reporting tools • Understanding of CI/CD principles • Hands on experience with scripting languages, Linux OS, AWS Security Services, and network protocols • Ability to identify and exploit web and mobile vulnerabilities • Working knowledge of cryptography • Familiarity with Identity and Access Management and Authentication Protocols
Apply NowSimilar Jobs
August 26
Hoplite Group
11 - 50
Assist a partner nation in building cyber capacity in strategy, policy, and governance.
August 26
SoHo Dragon
201 - 500
Maintain and enhance security posture using Microsoft technologies for a large non-profit.
