Click here to download our latest salary guide
arrow-leftBack to the previous page

Application Security Penetration Tester

Location:
London
Salary:
Negotiable
Job Type:
Permanent
Date Posted:
29 days ago
Expiry Date:
08/12/2024
Job Ref:
BBBH115448_1729761892
Start Date:
24/10/2024
Contact:
Jonathan Malone
Contact Email:
jonathan.malone@xcede.de
Specialism:
Security Architecture & Engineering

This is an opportunity to join a giant in the mobile applications world as an Application Security Penetration Tester. If you have a passion for securing applications, an in-depth understanding of application security, and the ability to identify and resolve vulnerabilities, this role is for you. You will play a key role in securing applications and shaping the future of their security posture by performing rigorous security assessments.

Responsibilities: In this role, you'll lead the security testing of their cloud-native, microservices-based architecture with a focus on web and mobile applications as well as cloud security testing. Key responsibilities include:

  • Conducting comprehensive penetration testing and security assessments of web and mobile applications.
  • Performing static (SAST), dynamic (DAST), and composition analysis (SCA) of source code.
  • Engaging in threat modeling and threat actor simulations to test and enhance security controls.
  • Collaborating with global development teams to ensure continuous improvement of the security posture.

Key Tasks:

  • Perform in-depth security testing of development operations, iOS, and Android mobile applications.
  • Carry out source code reviews to identify and mitigate security vulnerabilities.
  • Execute detailed penetration tests and security assessments, documenting findings and recommendations.
  • Automate security testing within CI/CD pipelines and implement secure coding practices.
  • Conduct offensive security operations, including red team exercises to simulate real-world attack scenarios.
  • Collaborate with DevOps teams to ensure security is integrated into every stage of the development lifecycle.

Qualifications:

  • Bachelor's degree in Computer Science, Software Engineering, or equivalent experience.
  • Professional certifications such as GWAPT, OSCP, or CEH.
  • 3-5 years of experience in application security testing, source code reviews, and DevOps security.
  • Proficient in programming languages and secure coding practices.
  • Strong analytical skills and attention to detail.

Tools & Technologies: Experience with tools such as Burp Suite Pro, Checkmarx, Corellium, Acunetix, Synopsys, VeraCode, AWS/Azure/Oracle Cloud, Postman, SoapUI, HashiCorp Vault, and Plextrac.

Benefits:

  • Health Insurance: Comprehensive medical, dental, and vision coverage.
  • Competitive Salary: Attractive salary based on experience.
  • 401(k) Matching: Company contributions to your 401(k) retirement plan.
  • Generous PTO: Vacation, sick leave, and holidays.
  • Professional Development: Access to training, workshops, and certifications.
  • Tuition Reimbursement: Financial support for further education.
  • Inclusive Environment: A diverse, supportive workplace with team-building activities and social events.

I look forward to receiving your applications and discussing it further!

APPLY FOR THIS JOB

For your job application, please fill in the form below.
SHARE THIS JOB
whatsappenvelopelinkedin
Jonathan Malone

Jonathan Malone

Specialisms: Cyber, InfoSec, GRC & Vulnerabilities, Security Architecture & Engineering, Network Security & Operations
whatsappenvelopelinkedin

Latest Jobs