Application Penetration Tester

3 weeks ago

Washington, United States Editech Staffing Full time
Onsite / Washington, DC

Job Overview

Our client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a critical role in ensuring the security of our applications and guiding our security testing and vulnerability triage.

As part of this project, you will conduct a comprehensive security assessment of a cloud-native, microservices-based architecture. Your focus will be on web and mobile applications and cloud security testing, adversary emulation, and continuous security posture improvement.

You will leverage your expertise in application security, utilizing tools such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to perform both static and dynamic source code reviews. Additionally, you will employ threat modeling and threat actor attack pathing to continually validate the effectiveness of the customer’s security controls.

The primary goal is to ensure that the security controls implemented by the organization are functioning as intended. By doing so, you will enhance the overall security defenses and collaborate with global development teams to maintain the ongoing security of the globally adopted application.

Job Description Highlights

Security Testing of Developer Operations and Mobile Apps:

  • Conduct thorough security testing of developer operations and mobile applications (iPhone and Android).
  • Identify security issues and vulnerabilities.

Source Code Reviews

  • Perform in-depth source code reviews to identify security flaws or weaknesses.

Executing Tests/Assessments And Drafting Reports

  • Execute detailed assessments and compile findings into reports for further review and action.

Required Skills And Experience

  • Bachelor’s degree in computer science, Software Engineering, or related field, or equivalent job experience.
  • Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
  • 3-5 years of experience in application security testing and source code review.
  • Proficiency in multiple programming languages and understanding of secure coding practices.
  • Strong analytical skills and attention to detail for identifying vulnerabilities.
  • Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
  • Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
  • Executing Tests/Assessments and Drafting Reports: Executes detailed assessments and compiles findings into reports for further review and action.

Tools And Technologies

Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault

Benefits

Beyond a role, joining our client means becoming part of a community dedicated to making a difference.

They Offer

Health and Wellness

  • Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.

Financial Benefits

  • Competitive Salary: Attractive salary packages that reflect the candidate’s experience and skills.
  • 401(k) Matching: Company matches contributions to the 401(k) retirement plan up to a certain percentage.

Work-Life Balance

  • Generous Paid Time Off (PTO): Including vacation days, sick leave, and holidays to help you recharge and spend time with loved ones.

Professional Development

  • Training and Development: Access to professional development programs, workshops, and certifications.
  • Tuition Reimbursement: Financial support for further education and courses related to the job.
  • Career Growth Opportunities: Clear career progression paths and opportunities for promotion.

Company Culture

  • Inclusive Environment: A diverse and inclusive workplace where all employees feel valued.
  • Team Building Activities: Regular team-building events and social gatherings.

Additional Perks

  • Technology and Tools: Access to the latest technology and tools needed to perform the job effectively.

  • Application Penetration Tester

    3 weeks ago

    Washington, United States Editech Staffing Full time

    Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful...

  • Penetration Tester

    2 months ago

    Washington, United States Editech Staffing Full time

    Job OverviewOur client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.Key responsibilities include static and dynamic source code reviews...

  • Penetration Tester

    1 month ago

    washington, United States Editech Staffing Full time

    Job OverviewOur client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.Key responsibilities include static and dynamic source code reviews...

  • Application Penetration Tester

    2 weeks ago

    washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • Application Penetration Tester

    2 weeks ago

    washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • Application Penetration Tester

    2 weeks ago

    Washington, DC, United States Editech Staffing Full time

    Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful...

  • Lead Application Penetration Tester

    2 months ago

    Washington, United States Kavaliro Full time

    Kavaliro is seeking an experienced Lead Application Penetration Tester to join our cyber security client. This role is perfect for someone passionate about cybersecurity and skilled in identifying and mitigating vulnerabilities in application security. As the lead, you'll be responsible for the security of cloud-native, microservices-based applications,...

  • Lead Application Penetration Tester

    1 week ago

    washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • Lead Application Penetration Tester

    2 weeks ago

    washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • Lead Application Penetration Tester

    3 weeks ago

    Washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • Penetration Tester

    3 weeks ago

    Washington, United States Insight Global Full time

    Job DescriptionJob DescriptionMust Haves:4+ years of experience conducting manual Source Code reviewsExperience with automated testing tools for SAST (Static Application security Testing), DAST (dynamic Application security Testing), and SCA (software Composition Analysis)Example tools: Checkmarx, Burp Suite Pro, Plextrac, Veracode, Hashicorp Vault4+ years...

  • Application Penetration Tester

    2 weeks ago

    Washington, DC, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • Lead Application PenetrationTester

    2 weeks ago

    washington, United States Editech Staffing Full time

    Lead Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The...

  • Lead Application PenetrationTester

    3 weeks ago

    Washington, United States Editech Staffing Full time

    Lead Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The...

  • QA Tester

    5 months ago

    Washington, United States TWO95 International Full time

    Title: QA Tester Location: Washington, DC Position: Contract Rate: $/OpenDescription:- • Test web services, web application, API, mobile application for potential vulnerabilities, Wireless penetration testing and POS device security assessments • Run patch / configuration audit scans, create scan report • Periodically run Host Discovery Scans, web...

  • IT Tester

    6 days ago

    Washington, United States Anakim Consulting Full time

    TitleIT Tester EOE StatementAnakim Consulting is an equal employment opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regards to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. DescriptionPosition: IT...

  • Lead Application PenetrationTester

    2 weeks ago

    Washington, DC, United States Editech Staffing Full time

    Lead Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The...

  • QA Tester

    3 months ago

    Washington, United States Sharp Solutions, Inc. Full time

       SSi has principals that are an integral part of the organizations characteristic and are fundamentally essential to the shaping of everyday activities that connect to our broader mission and vision. As an organization SSi is committed to:   Foster a culture of innovative and out of the box thinking:  We fundamentally understand that each employee has...

  • Business Analyst Tester

    7 days ago

    Washington, United States Gridiron IT Full time

    Business Analyst/TesterLocation: Washington, DCWork Type: Hybrid - 3 days on-site.Remote Work: Yes.DescriptionGridiron IT is looking to hire a Business Analyst/Tester to support a government program. The Business Analyst/Tester may provide knowledge in business process and system analysis, design, improvement, and implementation efforts or in translating...

  • Quality Assurance Tester

    2 weeks ago

    Washington, United States Anakim Consulting Full time

    TitleJava Quality Assurance Tester EOE StatementAnakim Consulting is an equal employment opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regards to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran....