Security Consultant (CISSP) with web application vulnarability testing, security assessment and web hosting server/applications/database assessment experience
Web Application Security Assessment Report
Location: St. Paul MN
Duration: 5 months
Positions: 1
Project Deliverables
- Web application vulnerability report that includes a description of the tests run, vulnerabilities found, implications, severity of risk level, and specific recommendations for remediation;
- An on-site presentation to present findings and recommendations to MDH;
- A meeting with MDH IT staff to transfer knowledge about tests that MDH could/should be running on a regular basis to assess the vulnerability/security of the web application.
- Critical vulnerabilities will be communicated to MDH immediately.
Agency Project Requirements
MDH will ask the consultant to access data as an unauthenticated, unauthorized entity anonymously accessing the application, and then as a fully authenticated and authorized user of the applications. Both tests will be run on the application (Custom Data Access). Various checks will be performed to identify weaknesses within the application or infrastructure that the application depends on. The consultant will attempt to gather information about hosting servers, applications and their dependencies, and databases containing non-public data, and use that information to discover weaknesses with the application and/or infrastructure.
Required Skills
- 5 years of experience conducting security assessments
- consultant must have a Certified Information Systems Security Professional member on the assessment team
No comments:
Post a Comment