Remote Software Database Engineer 2 at CompuCom Open Startup
RSS
API
Global PayrollPost a job

find a remote job
work from anywhere

The largest collection of Remote Jobs for Digital Nomads online. Get a remote job you can do anywhere at Remote Companies like Toptal, Zapier and Automattic who embrace the future. There are 43,050+ jobs that allow you to work anywhere and live everywhere.

The largest collection of Remote Jobs for Digital Nomads online. Get a remote job you can do anywhere at Remote Companies like Toptal, Zapier and Automattic who embrace the future. There are 43,050+ jobs that allow you to work anywhere and live everywhere.

Global PayrollPost a job

  Jobs

  People

👉 Hiring for a remote position?

Post a job
on the 🏆 #1 remote jobs board

CompuCom


Software Database Engineer 2

Software Database Engineer 2


CompuCom


engineer

 

dev

 

digital nomad

 

engineer

 

dev

 
This job post is closed and the position is probably filled. Please do not apply.
\nThe leading software brand seeks 2-3 Pentest contractors. Candidates will come in and find security vulnerabilities in SQL 2016 server.\n\nAn Application Security Component Pentest will consist of vulnerability discovery at the application layer, will focus on identifying flaws documented in both the 2013 OWASP Top 10 and the CWE Top 25 most dangerous software errors. There is some overlap between the two, but both serve well as references for test case creation during the assignment. The OWASP Top 10 applies mostly to Web-applications and is listed here as:\n\n2013 OWASP Top 10:\n\n\n* A1 Injection\n\n* A2 Broken Authentication and Session Management (XSS)\n\n* A3 Cross Site Scripting (XSS)\n\n* A4 Insecure Direct Object References\n\n* A5 Security Misconfiguration\n\n* A6 Sensitive Data Exposure\n\n* A7 Missing Function Level Access Control\n\n* A8 Cross Site Request Forgery (CSRF)\n\n* A9 Using Components with Known Vulnerabilities\n\n* A10 Unvalidated Redirects and Forwards\n\n\n\n\nThe CWE Top 25 applies to traditional client / server software as well as webapplications:\n\n\n* CWE-89 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)\n\n* CWE-78 Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)\n\n* CWE-120 Buffer Copy without Checking Size of Input (Classic Buffer Overflow)\n\n* CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-Site Scripting)\n\n* CWE-306 Missing Authentication for Critical Function\n\n* CWE-285 Improper Access Control (Authorization)\n\n* CWE-798 Use of Hard-Coded Credentials\n\n* CWE-311 Missing Encryption of Sensitive Data\n\n* CWE-434 Unrestricted Upload of File with Dangerous Type\n\n* CWE-807 Reliance on Untrusted Inputs in a Security Decision\n\n* CWE-250 Execution with Unnecessary Privileges\n\n* CWE-352 Cross-Site Request Forgery (CSRF)\n\n* CWE-22 Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)\n\n* CWE-798 Use of Hard-Coded Credentials\n\n* CWE-805 Buffer Access with Incorrect Length Value\n\n* CWE-98 Improper Control of Filename for Include / Require Statement in PHP Program (PHP File Inclusion)\n\n* CWE-494 Download of Code Without Integrity Check\n\n* CWE-863 Incorrect Authorization\n\n* CWE-829 Inclusion of Functionality from Untrusted Control Sphere\n\n* CWE-732 Incorrect Permission Assignment for Critical Resource\n\n* CWE-676 Use of Potentially Dangerous Functions\n\n* CWE-327 Use of a Broken or Risky Cryptographic Algorithm\n\n* CWE-131 Incorrect Calculation of Buffer Size\n\n* CWE-307 Improper Restriction of Excessive Authentication Attempts\n\n* CWE-601 URL Redirection to Untrusted Site (Open Redirect)\n\n* CWE-134 Uncontrolled Format String\n\n* CWE-190 Integer Overflow or Wraparound\n\n* CWE-759 Use of a One-Way hash without a Salt\n\n\n\n\nFirst priority for evaluation will be on Telemetry, and JSON data. Further scenarios and data services to be defined by the group


See more jobs at CompuCom

# How do you apply?\n\n This job post is older than 30 days and the position is probably filled. Try applying to jobs posted recently instead.
FeedbackIf you find a bug, or have feedback, write it here. Please no job applications in here, click Apply instead! If you want to advertise, we do not do CPA/aff/perf ads ever.Thanks for the message! We will get back to you soon.

[Spam check] What is the name of Elon Musk's company going to Mars?

Send feedback