Lead Application Penetration Tester

3 weeks ago


Washington, United States Editech Staffing Full time

Onsite / Washington, DC

Job Overview

Our client is seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a critical role in ensuring the security of our applications and guiding our security testing and vulnerability triage.

As a lead, you will oversee a comprehensive security assessment of a cloud-native, microservices-based architecture. Your focus will be on web and mobile applications, cloud security testing, adversary emulation, and continuous security posture improvement. You will mentor junior team members and lead the development of security strategies and best practices.

You will leverage your expertise in application security, utilizing tools such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to perform both static and dynamic source code reviews. Additionally, you will employ threat modeling and threat actor attack pathing to continually validate the effectiveness of the customer’s security controls.

The primary goal is to ensure that the security controls implemented by the organization are functioning as intended. By doing so, you will enhance the overall security defenses and collaborate with global development teams to maintain the ongoing security of the globally adopted application.

Job Description Highlights

Leadership And Mentorship

  • Lead and mentor a team of penetration testers, providing guidance and support to ensure high-quality security assessments.

Security Testing Of Developer Operations And Mobile Apps

  • Conduct and oversee thorough security testing of developer operations and mobile applications (iPhone and Android).
  • Identify security issues and vulnerabilities.

Source Code Reviews

  • Perform and supervise in-depth source code reviews to identify security flaws or weaknesses.

Executing Tests/Assessments And Drafting Reports

  • Execute and oversee detailed assessments, compile findings into reports, and present actionable recommendations to stakeholders.

Strategy Development

  • Develop and implement security testing strategies and best practices to enhance the organization’s security posture.

Collaboration

  • Collaborate with global development teams to maintain the ongoing security of the globally adopted application.

Required Skills And Experience

  • Bachelor’s degree in Computer Science, Software Engineering, or a related field, or equivalent job experience.
  • Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
  • 5-7 years of experience in application security testing and source code review with at least 2 years in a leadership role.
  • Proficiency in multiple programming languages and understanding of secure coding practices.
  • Strong analytical skills and attention to detail for identifying vulnerabilities.
  • Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
  • Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
  • Executing Tests/Assessments and Drafting Reports: Executes detailed assessments and compiles findings into reports for further review and action.

Tools And Technologies

Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, Veracode, SAST & DAST tools, PlexTrac, cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and HashiCorp Vault.

Benefits

Beyond a role, joining OnDefend means becoming part of a community dedicated to making a difference. We offer:

Health and Wellness

  • Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.

Financial Benefits

  • 401(k) Matching: Company matches contributions to the 401(k) retirement plan up to a certain percentage.

Work-Life Balance

  • Generous Paid Time Off (PTO): Including vacation days, sick leave, and holidays to help you recharge and spend time with loved ones.

Professional Development

  • Training and Development: Access to professional development programs, workshops, and certifications.
  • Tuition Reimbursement: Financial support for further education and courses related to the job.
  • Career Growth Opportunities: Clear career progression paths and opportunities for promotion.

Company Culture

  • Inclusive Environment: A diverse and inclusive workplace where all employees feel valued.
  • Team Building Activities: Regular team-building events and social gatherings.

Additional Perks

  • Technology and Tools: Access to the latest technology and tools needed to perform the job effectively.


