Penetration Tester

6 days ago


Washington, United States Editech Staffing Full time

Job Overview

Our client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.

Key responsibilities include static and dynamic source code reviews using tools like SAST, DAST, and SCA. You'll also leverage threat modeling and attack pathing to validate and enhance the organization's security controls.

Your work will help ensure security measures function as intended and support global teams in maintaining the security of a widely used application.

Benefits

  • Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.
  • Competitive Salary
  • 401(k) Matching

Work-Life Balance

  • Generous Paid Time Off (PTO)

Professional Development

  • Training and Development: Access to professional development programs, workshops, and certifications.
  • Tuition Reimbursement: Financial support for further education and courses.
  • Career Growth Opportunities

Company Culture

  • Inclusive Environment
  • Team Building Activities

Job Description

Security Testing of Developer Operations and Mobile Apps:

  • Conduct thorough security testing of developer operations and mobile applications (iPhone and Android).
  • Identify security issues and vulnerabilities.

Source Code Reviews:

  • Perform in-depth source code reviews to identify security flaws or weaknesses.

Executing Tests/Assessments and Drafting Reports:

  • Execute detailed assessments and compile findings into reports for further review and action.

Required Skills and Experience:

  • Bachelor's degree in computer science, Software Engineering, or related field, or equivalent job experience.
  • Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
  • 3-5 years of experience in application security testing and source code review.
  • Proficiency in multiple programming languages and understanding of secure coding practices.
  • Strong analytical skills and attention to detail for identifying vulnerabilities.
  • Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
  • Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
  • Executing Tests/Assessments and Drafting Reports: Executes detailed assessments and compiles findings into reports for further review and action.

Tools and Technologies:

Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault


  • Penetration Tester

    4 weeks ago


    Washington, United States Insight Global Full time

    Job DescriptionJob DescriptionMust Haves:4+ years of experience conducting manual Source Code reviewsExperience with automated testing tools for SAST (Static Application security Testing), DAST (dynamic Application security Testing), and SCA (software Composition Analysis)Example tools: Checkmarx, Burp Suite Pro, Plextrac, Veracode, Hashicorp Vault4+ years...


  • Washington, Washington, D.C., United States Diverse Lynx Full time

    Job Title: Cybersecurity Engineer - Penetration TesterThis role involves applying security testing methodologies to identify vulnerabilities in custom solutions, ERP integrations, and commercial off-the-shelf solutions. Key responsibilities include:• Practical working knowledge of penetration testing tools and frameworks like BurpSuite, Metasploit, and...


  • Washington, United States Editech Staffing Full time

    Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful...


  • Washington, United States Editech Staffing Full time

    Lead Application Penetration TesterOnsite / Washington, DCJob Overview Our client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities....

  • Penetration Tester

    2 months ago


    Washington, United States Editech Staffing Full time

    Job OverviewOur client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.Key responsibilities include static and dynamic source code reviews...

  • Penetration Tester

    2 months ago


    washington, United States Editech Staffing Full time

    Job OverviewOur client is looking for an experienced Application Penetration Tester to assess the security of a cloud-native, microservices-based architecture. You will focus on web and mobile applications, cloud security testing, adversary emulation, and continuous security improvement.Key responsibilities include static and dynamic source code reviews...


  • washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...


  • washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...


  • Washington, United States Kavaliro Full time

    Kavaliro is seeking an experienced Lead Application Penetration Tester to join our cyber security client. This role is perfect for someone passionate about cybersecurity and skilled in identifying and mitigating vulnerabilities in application security. As the lead, you'll be responsible for the security of cloud-native, microservices-based applications,...


  • washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...


  • washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...


  • Washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...


  • Washington, DC, United States Editech Staffing Full time

    Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful...


  • Washington, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...


  • Washington, DC, United States Editech Staffing Full time

    Onsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a...

  • QA Tester

    5 months ago


    Washington, United States TWO95 International Full time

    Title: QA Tester Location: Washington, DC Position: Contract Rate: $/OpenDescription:- • Test web services, web application, API, mobile application for potential vulnerabilities, Wireless penetration testing and POS device security assessments • Run patch / configuration audit scans, create scan report • Periodically run Host Discovery Scans, web...


  • washington, United States Editech Staffing Full time

    Lead Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The...


  • Washington, United States Editech Staffing Full time

    Lead Application Penetration TesterOnsite / Washington, DCJob OverviewOur client is seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The...


  • Washington, United States Aon Full time

    Job SummaryAs a Principal Security Penetration Tester at Aon, you will serve as a senior member of our penetration testing team. We are looking for motivated individuals to add to our team, providing a challenging and exciting work environment with a healthy combination of autonomy and senior-level support. Our team publishes books and security blogs,...


  • Washington, United States JPMorgan Chase & Co. Full time

    Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement. As an Assessments & Exercises Senior Associate in the Cybersecurity and Technology Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using...