Government Security
Network Security Resources

Jump to content


Sr. Security Audit Engineer Needed

- - - - - auditing web app web application
  • Please log in to reply
No replies to this topic

#1 amasters



  • Members
  • 0 posts

Posted 12 September 2008 - 06:13 AM

Title: Sr. Security Audit Engineer III

Location: Arlington, VA

Client/Employer: To be disclosed.

Compensation: Competitive

>>>Required clearance: TOP SECRET

Benefits - Full

Relocation Assistance Available - Yes

Interview Travel Reimbursed - Yes

The Ideal Candidate

5+ to 7 years of experience

Management Experience Required - No

Minimum Education - Bachelor's Degree

Willingness to Travel Never


Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable to the Top Secret level.

- Auditor will be a member of the Blue Team conducting the full life cycle of a security audit. Perform system reviews to ensure group-level policies are working within compliance

- Will be responsible for conducting automated and manual vulnerability testing on major applications and network infrastructures

- Auditor will in brief the customer, conduct the full audit process including technical security, physical security and computer user security. Auditor will out brief the customer and write audit reports

- Auditor will be responsible for conducting all security testing, analyzing the results of the testing, and developing a comprehensive audit report documenting all findings based on level of risk

- Auditor should have experience auditing network devices, application servers, web applications and public facing websites

- Implement components of audit and assist in development of a technical audit program

- Will involve approximately 25% travel to customer sites to perform security audits.


- Responsibilities in developing, implementing and execution of a robust technical audit program.

- Must possess 5+ years experience with vulnerability assessments/scanning tools and networking.

- Linux and wireless security experience are preferable.

- Should possess experience doing network and database security scanning.

- Should have operational experience with automated vulnerability assessment tools including, but not limited to, ISS, nessus, nmap, MBSA, Foundstone, WebInspect, AppDetective, MBSA, etc.

- Requires 5 years of related security experience.

- It is preferred that this person be a current Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), or similar security professional certifications

- Strong communication, interpersonal and client-facing skills required.



Also tagged with one or more of these keywords: auditing, web app, web application