Penetration Tester
2 weeks ago
Job Overview
Our client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.
Key responsibilities include static and dynamic source code reviews using tools like SAST, DAST, and SCA. You’ll also leverage threat modeling and attack pathing to validate and enhance the organization’s security controls.
Your work will help ensure security measures function as intended and support global teams in maintaining the security of a widely used application.
Benefits
- Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.
- Competitive Salary
- 401(k) Matching
Work-Life Balance
- Generous Paid Time Off (PTO)
Professional Development
- Training and Development: Access to professional development programs, workshops, and certifications.
- Tuition Reimbursement: Financial support for further education and courses.
- Career Growth Opportunities
Company Culture
- Inclusive Environment
- Team Building Activities
Job Description
Security Testing of Developer Operations and Mobile Apps:
- Conduct thorough security testing of developer operations and mobile applications (iPhone and Android).
- Identify security issues and vulnerabilities.
Source Code Reviews:
- Perform in-depth source code reviews to identify security flaws or weaknesses.
Executing Tests/Assessments and Drafting Reports:
- Execute detailed assessments and compile findings into reports for further review and action.
Required Skills and Experience:
- Bachelor’s degree in computer science, Software Engineering, or related field, or equivalent job experience.
- Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
- 3-5 years of experience in application security testing and source code review.
- Proficiency in multiple programming languages and understanding of secure coding practices.
- Strong analytical skills and attention to detail for identifying vulnerabilities.
- Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
- Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
- Executing Tests/Assessments and Drafting Reports: Executes detailed assessments and compiles findings into reports for further review and action.
Tools and Technologies:
Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault
-
Intermediate Penetration Tester
7 days ago
Washington, Washington, D.C., United States Chenega Corporation Full timeJob Title: Intermediate Penetration TesterChenega Corporation is seeking a highly skilled Intermediate Penetration Tester to join our team. As an Intermediate Penetration Tester, you will be responsible for identifying vulnerabilities and weaknesses within systems, conducting continuous penetration testing of the enterprise IT environment, and assessing the...
-
Intermediate Penetration Tester
3 days ago
Washington, Washington, D.C., United States Chenega Corporation Full timeJob Title: Intermediate Penetration TesterChenega Corporation is seeking a highly skilled Intermediate Penetration Tester to join our team. As an Intermediate Penetration Tester, you will be responsible for identifying vulnerabilities and weaknesses within our systems, conducting continuous penetration testing, and assessing the effectiveness of security...
-
Junior Penetration Tester
3 days ago
Washington, Washington, D.C., United States Gunnison Consulting Group Inc Full timeJob Title: Junior Penetration TesterGunnison Consulting Group Inc is seeking a highly skilled and motivated Junior Penetration Tester to join our team. As a Junior Penetration Tester, you will be responsible for conducting security testing of IT assets, web applications, infrastructure assets, and technologies.Key Responsibilities:Conduct security testing of...
-
IT Security Specialist
3 weeks ago
Washington, Washington, D.C., United States 3M Consultancy Full timeJob Title: IT Security Specialist - Penetration TesterThis is a remote position.Job Summary:We are seeking an experienced IT Security Specialist to join our team at 3M Consultancy. As a Penetration Tester, you will be responsible for analyzing information security systems and applications to identify vulnerabilities and recommend security measures to protect...
-
IT Security Specialist
2 weeks ago
Washington, Washington, D.C., United States 3M Consultancy Full timeJob Title: IT Security Specialist - Penetration TesterThis is a remote position.Job Summary:We are seeking an experienced IT Security Specialist - Penetration Tester to join our team at 3M Consultancy. The successful candidate will be responsible for analyzing information security systems and applications, recommending and developing security measures to...
-
Penetration Tester
1 week ago
Washington, United States Editech Staffing Full timeJob OverviewWe are seeking an experienced Application Penetration Tester to join our team at Editech Staffing. As a key member of our security team, you will be responsible for assessing the security of cloud-native, microservices-based architectures.Your primary focus will be on web and mobile applications, cloud security testing, adversary emulation, and...
-
Security RMF Penetration Tester
3 weeks ago
Washington Highlands, Washington, D.C., United States Hummingbirds Innovations Full timeAbout the RoleWe are seeking a highly skilled Security RMF Penetration Tester to join our team at Hummingbirds Innovations. As a key member of our security team, you will be responsible for conducting penetration testing, vulnerability assessments, and manual exploitation of servers, web applications, and databases to identify vulnerabilities,...
-
Penetration Tester
2 weeks ago
Washington, United States Editech Staffing Full timeJob OverviewOur client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.Key responsibilities include static and dynamic source code reviews...
-
Penetration Tester
2 weeks ago
Washington, United States Editech Staffing Full timeJob OverviewOur client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.Key responsibilities include static and dynamic source code reviews...
-
Lead Application Penetration Tester
2 weeks ago
Washington, United States Kavaliro Full timeKavaliro is seeking an experienced Lead Application Penetration Tester to join our cyber security client. This role is perfect for someone passionate about cybersecurity and skilled in identifying and mitigating vulnerabilities in application security. As the lead, you'll be responsible for the security of cloud-native, microservices-based applications, with...
-
Lead Application Penetration Tester
1 week ago
Washington, United States Kavaliro Full timeKavaliro is seeking an experienced Lead Application Penetration Tester to join our cyber security client. This role is perfect for someone passionate about cybersecurity and skilled in identifying and mitigating vulnerabilities in application security. As the lead, you'll be responsible for the security of cloud-native, microservices-based applications,...
-
Application Penetration Tester
2 weeks ago
Washington, United States Kavaliro Full timeKavaliro is seeking an experienced Application Penetration Tester with a strong background in cybersecurity and application security for our security client. In this role, you'll be responsible for identifying and addressing vulnerabilities in web, mobile, and cloud-native applications, while working with global development teams to ensure continuous...
-
Lead Application Penetration Tester
3 days ago
Washington, United States Kavaliro Full timeKavaliro is seeking an experienced Lead Application Penetration Tester to join our cyber security client. This role is perfect for someone passionate about cybersecurity and skilled in identifying and mitigating vulnerabilities in application security. As the lead, you'll be responsible for the security of cloud-native, microservices-based applications, with...
-
Cloud Penetration Tester
1 month ago
Washington, United States Maveris Full timeThis role will support the improvement of cybersecurity analytics by conducting cloud adversarial emulation testing on the Department of Veterans Affairs (VA) Enterprise Cloud (VAEC) systems. The ideal candidate will have a strong background in penetration testing, particularly in cloud environments, and experience with purple-teaming activities.In this...
-
Washington, United States Softworld Inc Full timeJob Summary:Softworld Inc is seeking a highly skilled Cybersecurity Test and Evaluation Consultant to join our team. As a key member of our Cyber Ops Unit, you will be responsible for designing and executing threat emulation functions, conducting internal and external security testing, and identifying potential vulnerabilities in our systems and networks.Key...
-
QA Tester
3 months ago
Washington, United States TWO95 International Full timeTitle: QA Tester Location: Washington, DC Position: Contract Rate: $/OpenDescription:- • Test web services, web application, API, mobile application for potential vulnerabilities, Wireless penetration testing and POS device security assessments • Run patch / configuration audit scans, create scan report • Periodically run Host Discovery Scans, web...
-
Application Security Specialist
7 days ago
Washington, United States Insight Global Full timeApplication Security Penetration TesterInsight Global's client is seeking a skilled Application Security Penetration Tester to join their team in Washington, D.C. This individual will work closely with a team of 5 experts to conduct source code reviews and penetration testing to identify security concerns and vulnerabilities within mobile applications.Key...
-
Lead Application Security Specialist
7 days ago
Washington, Washington, D.C., United States Kavaliro Full timeJob Title: Lead Application Penetration TesterKavaliro is seeking an experienced Lead Application Penetration Tester to join our cyber security team. This role is perfect for someone passionate about cybersecurity and skilled in identifying and mitigating vulnerabilities in application security.Key Responsibilities:Lead and mentor a team of penetration...
-
Senior Cybersecurity Analyst
4 weeks ago
Washington, Washington, D.C., United States Peraton Full timeJob SummaryWe are seeking a highly skilled and experienced Cybersecurity Analyst to join our team at Peraton. As a Cyber Vulnerability Expert, you will be responsible for identifying and mitigating potential security threats to our customers' systems and networks.Key ResponsibilitiesConduct thorough vulnerability assessments and penetration testing to...
-
Cyber Vulnerability Assessment Expert
4 weeks ago
Washington, Washington, D.C., United States Peraton Full timeJob SummaryWe are seeking a highly skilled and experienced Cybersecurity Specialist to join our team at Peraton. As a key member of our Defensive Cyber Operations team, you will be responsible for conducting penetration testing, vulnerability assessments, and security evaluations to identify and mitigate potential threats to our customers' systems and...