We are an IT Solutions Integrator/Consulting Firm helping our clients hire the right professional for an exciting long-term project. Here are a few details.
We are seeking a highly skilled Attack Surface Management Senior Consultant to join our global cybersecurity team. In this role, you will work with a team of engineers and analysts to help clients identify and remediate vulnerabilities, rogue assets, and shadow IT within their networks. You will play a key role in executing manual penetration testing, vulnerability assessments, secure code reviews, and developing security controls to strengthen application security.
Conduct manual and automated vulnerability assessments and penetration testing for Web, API, Mobile, and Thick Client applications.
Perform secure code reviews and conduct false positive analyses of findings from industry-standard security tools.
Assist in developing and implementing application security policies and procedures.
Identify, analyze, and prioritize security vulnerabilities and business logic flaws.
Collaborate with application development and operations teams to support remediation efforts and secure application development.
Generate timely and high-quality reports for clients, partners, and internal stakeholders.
Participate in regular reporting activities (daily, weekly, quarterly, and yearly) as required.
Respond to ad hoc requests for analysis and research from management and analyst teams.
Stay current with evolving threats, attack techniques, and industry best practices.
Bachelor's degree in Computer Science or related field, or equivalent professional experience.
3-7 years of hands-on experience in application security, including penetration testing and vulnerability assessments.
Deep understanding of OWASP Top 10 and related vulnerabilities.
Strong experience with manual exploitation of complex vulnerabilities such as:
Blind SQL Injection
XXE
SSRF
Insecure Deserialization
HTTP Request Smuggling
Understanding of authentication and authorization protocols like OAuth2/OpenID and their weaknesses.
Experience in identifying business logic vulnerabilities and misconfigurations.
Proficient in secure code review practices aligned with OWASP standards.
Hands-on experience with tools such as Burp Suite, Fiddler, Veracode, Wireshark, DnSpy, OllyDbg, Apktool, Jadx-gui, Frida, EchoMirage, Sysinternals suite, IDA Pro.
Strong knowledge of web technologies: HTML, CSS, JavaScript, PHP, Java, .NET, and backend databases.
Familiarity with web application architectures, microservices, and application security models.
Basic knowledge of reverse engineering, memory analysis, and network protocols (TCP/IP, DNS, HTTP/S).
Familiarity with CVE/CVSS standards and the National Vulnerability Database (NVD).
Excellent written and verbal communication skills for creating detailed technical reports.
Certified Information Systems Security Professional (CISSP)
Offensive Security Certified Professional (OSCP)
Offensive Security Web Expert (OSWE)
Burp Suite Certified Practitioner (BSCP)
GIAC Web Application Penetration Tester (GWAPT)
Demonstrated experience in secure code reviews and mobile/web app security testing.
Contributions to the cybersecurity community via blogs, tools, CVEs, or conference talks.
Proficiency in Python or scripting for automation.
Strong knowledge of microservices and modern application vulnerabilities.
Understanding of malware behavior and exploitation techniques.
Analytical mindset and excellent problem-solving capabilities.
Self-driven, curious, and passionate about security, with a willingness to continuously learn.
Full Time