51Testing软件测试论坛

 找回密码
 (注-册)加入51Testing

QQ登录

只需一步,快速开始

微信登录,快人一步

手机号码,快捷登录

查看: 813|回复: 1
打印 上一主题 下一主题

科力斯招聘:QA Security Software Engineer/安全检测质量保证软件工程师

[复制链接]

该用户从未签到

跳转到指定楼层
1#
发表于 2010-8-30 14:04:40 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
职位描述/要求:

About Qualys:

Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable organizations of all sizes to easily and cost-effectively ensure that their business technology systems remain highly secure and within regulatory compliance.

Description:


As a QA Security Engineer you will be part of a motivated engineering team that is responsible for ensuring the quality of the QualysGuard on demand security service. This opening is your chance to work in the rapidly expanding field of computer security, in a pre-IPO company with excellent customer ratings and outstanding growth rates.
Responsibilities
Perform ad-hoc and automated security assessments of the QualysGuard Web Applications as well as the Scanner Engine and Appliance. Develop and run automated tests for web application security testing, penetration testing, security assessment and compliance testing. Analyze results and document findings with automated daily web-based test reports. Bug analysis to reproduce and isolate faults, and perform root cause investigation.

Qualifications:

    * Bachelors degree with at least 3 years experience with QA process and methodology
    * 1 year of web application security testing with different browsers
    * Experience with port scanners like nmap as well as vulnerability assessment tools like nessus
    * Experience with Apache web server and web application development
    * Must be proficient with HTML, Javascript, XML, HTTP and HTTPS protocols
    * Knowledge of relational databases - Oracle 9i and above
    * Recent programming experience with one or more of C, SQL, shell and perl required
    * Must be a critical thinker with excellent verbal and written skills


Additional Plus Competencies:


    * PHP programming a plus
    * Security related certifications like CISSP, CEH, etc
    * Application Security testing experience with tools such as WebInspect, Kavado, WatchFire, Spike Proxy
    * Vulnerability scanning experience with tools like nessus, eEye Retina, ISS Security Scanner
    * TCP/IP and network knowledge and troubleshooting
    * Network troubleshooting
    * Fluent in English and Chinese

职位描述:

对科力斯卫士的网站应用和扫描仪器运作功能开展不规则及自动安全测试。为网站应用程序撰写并运行自动化的安全测试,攻击测试,安全评估和合规测试。分析并组织基于网页的自动测试日报中的研究结果。复制、分析、孤立错源,并开展根本原因调查。

要求:

    * 本科学历,三年以上含有质量保证流程与方法的工作经验
    * 1 年多种浏览器的网站应用安全测试经验
    * 有如nmap等的网端扫描及nessus等的漏洞检测工具运用经验
    * 有Apache服务器与应用的开发经验
    * 必须精通HTML,XML,HTTP/HTTPS 网络协议
    * 有关系数据库(甲骨文10g以上)的认知
    * 近期编程经验(至少C、SQL、shell、perl 的其一)
    * 必须具备多元思考和流畅的书面及口头语言能力

额外能力:

    * PHP 编程
    * 安全方面证书,如:CISSP、CEH 等
    * 有运用如:Weblnspect, Kavado, WatchFire, Spick Proxy 等工具进行安全应用程序测试的经验
    * 有运用如:nessus, eEye Retina, ISS Security Scanner等工具进行漏洞扫描的经验
    * TCP/IP 网络认知及查错
    * 熟炼运用中文和英文

联系方式: Email: jliu@qualys.com
分享到:  QQ好友和群QQ好友和群 QQ空间QQ空间 腾讯微博腾讯微博 腾讯朋友腾讯朋友
收藏收藏
回复

使用道具 举报

该用户从未签到

2#
 楼主| 发表于 2010-9-2 10:55:59 | 只看该作者

科力斯招聘:QA Security Software Engineer/安全检测质量保证软件工程师

请将简历发送至 jliu@qualys.comObryant@qualys.com
回复 支持 反对

使用道具 举报

本版积分规则

关闭

站长推荐上一条 /1 下一条

小黑屋|手机版|Archiver|51Testing软件测试网 ( 沪ICP备05003035号 关于我们

GMT+8, 2024-11-25 12:32 , Processed in 0.072542 second(s), 23 queries .

Powered by Discuz! X3.2

© 2001-2024 Comsenz Inc.

快速回复 返回顶部 返回列表