Job Overview
We are seeking an experienced Penetration Tester with a strong focus on Java application security to help safeguard large-scale enterprise applications. The ideal candidate will have a solid development background, a deep understanding of secure coding practices, and hands-on experience identifying and remediating vulnerabilities in Java-based environments.
Key Responsibilities
- Perform penetration testing and vulnerability assessments on Java applications and supporting infrastructure.
- Analyze Java source code using both automated and manual methods to uncover security flaws.
- Simulate real-world attacks by developing custom exploits and using penetration testing tools.
- Collaborate with development teams to understand application architecture and integrate security early in the SDLC.
- Work with QA teams to align penetration testing with manual and automated test strategies.
- Provide detailed, actionable guidance on remediating security vulnerabilities.
- Stay current with the latest Java-specific threats, industry trends, and best practices.
- Respond to and investigate Java-related security incidents, particularly those involving published CVEs (e.g. entries in the NIST National Vulnerability Database).
- Produce comprehensive technical reports including risk assessments and mitigation strategies.
- Communicate findings and recommendations clearly to both technical and non-technical stakeholders.
- Contribute to the development of secure coding standards and internal security policies.
- Examine application behavior by manipulating URLs, browser data, tokens, and cache to identify vulnerabilities across production and non-production environments.
- Apply frameworks such as MITRE ATT&CK to threat modeling and security assessments.
Required Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum 6 years of experience in application security or DevSecOps roles.
- Strong hands-on experience with Core Java development and secure coding practices.
- Proven background working on large-scale public sector or enterprise applications.
- Expertise in Java application penetration testing and ethical hacking techniques.
- Deep understanding of the OWASP Top 10, the secure software development lifecycle (SDLC), and web application vulnerabilities (e.g. SQL injection, XSS).
- Proficiency with industry-standard tools such as Burp Suite, Metasploit, Fortify, and SAST/DAST scanners.
- Working knowledge of cryptographic protocols (SSL/TLS) and secure communications.
- Strong scripting skills (e.g. Python, Bash) for automation and exploit development.
- Excellent problem-solving, communication, and documentation skills.
- High ethical standards and commitment to confidentiality.