|
|
About Qualys:
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable organizations of all sizes to easily and cost-effectively ensure that their business technology systems remain highly secure and within regulatory compliance.
Description:
As a QA Vulnerability Detection Security Engineer you will be part of a motivated engineering team that is responsible for ensuring the quality of the QualysGuard on demand security service. This opening is your chance to work in the rapidly expanding field of computer security, in a pre-IPO company with excellent customer ratings and outstanding growth rates.
Responsibilities
Perform ad-hoc and automated security assessments of the QualysGuard Vulnerability Signature as well as the Scanner Engine and Appliance. Develop and run automated tests for Vuln-Sigs security testing, penetration testing, security assessment and compliance testing. Analyze results and document findings with automated daily web-based test reports. Bug analysis to reproduce and isolate faults, and perform root cause investigation.
Qualifications
* Bachelors degree with at least 3 years experience with QA process and methodology
* 1 year of web application security testing with different browsers
* Experience with port scanners like nmap as well as vulnerability assessment tools like nessus
* Experience with Apache web server and web application development
* Must be proficient with HTML, Javascript, XML, HTTP and HTTPS protocols
* Knowledge of relational databases - Oracle 9i and above
* Recent programming experience with one or more of C, SQL, shell and perl required
* Must be a critical thinker with excellent verbal and written skills
Additional Plus Competencies
* PHP programming a plus
* Security related certifications like CISSP, CEH, etc
* Application Security testing experience with tools such as WebInspect, Kavado, WatchFire, Spike Proxy
* Vulnerability scanning experience with tools like nessus, eEye Retina, ISS Security Scanner
* TCP/IP and network knowledge and troubleshooting
* Network troubleshooting
Fluent in English and Chinese |
|
/1 
关于我们
发表于 2010-9-2 10:50:10
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
微信
收藏
置顶服务
换色服务
楼主
