ERP Penetration Testing- black-box & Workday & SSO 7 OWASP - Remote

Job Description

Job DescriptionREQUIREMENT:


ERP Penetration Testing- black-box & Workday & SSO 7 OWASP Top 10
Remote - Anywhere in USA
Need Overall 10+Years of experience
3 References from the recent projects is must.

Minimum Qualifications:

• Strong experience in web application penetration testing, including black-box testing.
• Proficiency in black-box testing methodologies.
• Knowledge of OWASP Top 10 security risks and application of associated testing methods.
• Experience testing SSO integrations, specifically with Entra ID and Okta.
• Ability to perform authenticated testing across at least three user roles.
• Skilled in identifying, exploiting, and documenting security vulnerabilities.
• Proficient in preparing risk-ranked reports with remediation steps.
• Strong communication skills to engage with State teams, vendors (e.g., Guidehouse, Workday).
• Ability to perform Phase II retesting of remediated vulnerabilities.

Preferred Skills:

• Experience with cloud-based ERP systems, especially Workday Adaptive Planning.
• Familiarity with OSSTM or other advanced/internal penetration testing methodologies.
• Prior consulting or testing experience with state government or public sector clients.
• Understanding of PMBOK-based project management principles.
• Proficiency in documentation using Microsoft Office (Word, Excel, Project, Visio) and Adobe PDF.
• Relevant cybersecurity certifications such as CEH, OSCP, or CISSP.
• Experience working with multi-vendor teams (e.g., Guidehouse, Workday).
• Knowledge of secure data handling policies and compliance with destruction protocols.
• Ability to communicate technical findings clearly to non-technical stakeholders.

Specific Skills:

• Web application and black-box penetration testing
• OWASP Top 10 vulnerability assessment
• SSO testing (Entra ID & Okta)
• Authenticated user role testing
• Vulnerability reporting with remediation guidance
• Retesting of remediated issues
• Familiarity with Workday Adaptive Planning
• Use of tools like Burp Suite, OWASP ZAP
• Secure data handling and destruction

If you are interested share your updated resume with contact number to sivarajan.s@zirlen.com

This is a remote position.