Job Overview
We are seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a critical role in ensuring the security of our applications and guiding our security testing and vulnerability triage.
As part of this project, you will conduct a comprehensive security assessment of a cloud-native, microservices-based architecture. Your focus will be on web and mobile applications and cloud security testing, adversary emulation, and continuous security posture improvement.
You will leverage your expertise in application security, utilizing tools such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to perform both static and dynamic source code reviews. Additionally, you will employ threat modeling and threat actor attack pathing to continually validate the effectiveness of the customer’s security controls.
The primary goal is to ensure that the security controls implemented by the organization are functioning as intended. By doing so, you will enhance the overall security defenses and collaborate with global development teams to maintain the ongoing security of the globally adopted application.
Job Description Highlights
Security Testing of Developer Operations and Mobile Apps:
· Conduct thorough security testing of developer operations and mobile applications (iPhone and Android).
· Identify security issues and vulnerabilities.
Source Code Reviews:
· Perform in-depth source code reviews to identify security flaws or weaknesses.
Executing Tests/Assessments and Drafting Reports:
· Execute detailed assessments and compile findings into reports for further review and action.
Required Skills and Experience:
Bachelor’s degree in computer science, Software Engineering, or related field, or equivalent job experience.
Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
3-5 years of experience in application security testing and source code review.
Proficiency in multiple programming languages and understanding of secure coding practices.
Strong analytical skills and attention to detail for identifying vulnerabilities.
Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
Executing Tests/Assessments and Drafting Reports: Executes detailed assessments and compiles findings into reports for further review and action.
Tools and Technologies:
Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault
Benefits
Beyond a role, joining OnDefend means becoming part of a community dedicated to making a difference. We offer:
Health and Wellness
Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.
Financial Benefits
Competitive Salary: Attractive salary packages that reflect the candidate’s experience and skills.
401(k) Matching: Company matches contributions to the 401(k) retirement plan up to a certain percentage.
Work-Life Balance
Generous Paid Time Off (PTO): Including vacation days, sick leave, and holidays to help you recharge and spend time with loved ones.
Professional Development
Training and Development: Access to professional development programs, workshops, and certifications.
Tuition Reimbursement: Financial support for further education and courses related to the job.
Career Growth Opportunities: Clear career progression paths and opportunities for promotion.
Company Culture
Inclusive Environment: A diverse and inclusive workplace where all employees feel valued.
Team Building Activities: Regular team-building events and social gatherings.
Additional Perks
Technology and Tools: Access to the latest technology and tools needed to perform the job effectively.
...Automotive Consultant - Sales Concierge FIELDS AUTO GROUP Fields Auto Group believes that employees are our greatest asset.... ...communication skills with your customers Professional, well-groomed personal appearance. Acceptable motor vehicle driving record...
...Outpatient Professional Medical Coder Greenberg-Larraby, Inc. (GLI) is actively seeking a skilled Outpatient Professional Medical Coder to join our dynamic healthcare team based in Temple, TX This position is onsite in Temple, TX. In this role, you will be responsible...
...Job Description Company Overview Prep Academy Tutors is a private in-home and online tutoring company. We deliver flexible and personalized tutoring... ...of Philadelphia is looking for certified middle schoolmath teachers. Provide academic support to students based...
Enjoy the luxury of a remote work environment with a financially solid company. A leading life insurer is searching for a Career ASA or FSA with 3+ years of experience to be their next Senior Manager - Actuarial Asset Modeling. This role will lead the development of asset...
For over 37 years, Wilbur Plumbing, Heating & Air has been recognized in The Harrisburg area as being synonymous with quality, craftsmanship, hard work, and expertise that is second to none. We've built our loyal customer base by hiring only the best Plumbing and HVAC...