Current Opening: Senior Application Security Pentester REMOTE
Current Opening: Senior Application Security Pentester REMOTE
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 115 - 165
1 Vacancy
Job Description
ISE is seeking a talented Senior level Application Security Pentester to join our team. Do you enjoy working with wicked smart people like to hack into things solve puzzles and work on cool projects ISE is the place for you!
What youll do at ISE:
- Interface directly as a project lead senior analyst or in a scoping capacity
- Mentor junior analysts throughout client assessments research projects findings reviews and general professional and technical development
- Perform hands-on security assessments and reviews on various pieces of technology including but not limited to:
- Web apps and APIs
- Mobile apps
- Networks
- Cloud architecture and configuration
- Source code analysis
- Hardware and firmware
- Create comprehensive assessment reports that clearly identify vulnerabilities how they impact our clients digital assets and remediation strategies
- Provide consultative advice to ISEs clients regarding best practices design guidance new threats policies and processes etc. Basically: be their genius friend who helps solve problems.
- Perform research and develop whitepapers/presentations/etc. regarding relevant research security topics tools and techniques driven by your areas of interest and expertise
- Opportunity to participate in IoT Village
What you wont do at ISE:
- Use scanners - we might use a scanning tool on occasion but our assessments are designed to find what scanners miss
- Write policy or compliance rules or assess tools for regulatory purposes
- Only hack with your head down - we are looking for folks who will talk with our clients mentor others and collaborate on projects talks and research
What you bring to the table:
- 6 years in security consulting with a focus on application/software
- Experience with programming and developing exploits
- Familiarity with Unix command line tools and working in CLI environments
- Skillset in the following:
- Web and desktop application security (Advanced)
- Cloud security and architecture (Advanced)
- Mobile application security (Basic)
- Background in the following:
- Software vulnerability analysis code analysis and fuzzing
- Reverse engineering through static and dynamic analysis
- Analyzing cryptographic workflows
- Analyzing network traffic
- Experience interacting with clients in a consultative environment
- Strong technical writing and oral communication skills
- Public speaking experience
- Desire to make things better: help our clients secure their products help your colleagues grow and learn self-motivated and always seeking improvement
Nice to have (but we can teach you!):
- Skillset in the following:
- IoT hardware security
- Network security
- Red Teaming
- AI security
- Experience with digital rights management and digital watermarking
- Experience with secure software development
- Familiarity with industry standard security policies (SOC2 OWASP ASVA GDPR ISO 27001 PCI NIST CSF etc) and their practical applications
- Experience assessing generative AI technologies and applications
Salary:
$115K-$165K according to experience
If you dont think you meet all of the criteria above but are still interested in the job please apply. Nobody checks every box and were looking for someone excited to join the team.
What we bring to the table:
- Check out for full details
- Work that matters; projects that impact peoples everyday life and wellbeing
- Quality integrity dedication and education: our core values
- Life balance: flexible schedule work from home options unlimited vacation
- $0 health premium plan option including spouse and family
- Opportunities to research and publish speak at major security events and conferences
- Leadership and peers that support and mentor you: your growth is our growth your success is our success
- Relaxed and fun environment: ditch the suit and tie sit or stand at your desk or find a sofa
How youll learn at ISE:
Everyone has a mentor or two or three sometimes. We hold you and ourselves accountable for your advancement. Youll learn directly from your mentor your colleagues resources vetted by the team and at regular firetalk lunches by your peers oh and lunch is on us once a week in the office. You also have access to paid training workshops university courses certification courses and well pay for the certs too. Want to learn a new skill that you arent currently using but want to Great! Innovation is keynew technology is important.
About ISE:
ISE is an independent security consulting and software firm headquartered in Baltimore Maryland dedicated to securing high value assets for global enterprises and performing groundbreaking security research. Using an adversary-centric perspective driven by our elite team of analysts and developers we improve our clients overall security posture protect digital assets harden existing technologies secure infrastructures and work with development teams to ensure product security prior to team enjoys working in a creative educational and comfortable environment where they can thrive professionally.
Building a Better Community:
We value different viewpoints and fresh perspectives. We embrace people who challenge our thinking and question the status quo. We are opposed to narrow minded exclusionary and discriminatory viewpoints or practices that inherently undermine our creative process hinder growth and impede innovation.
Need more info
Be sure you spend some time at . Make sure you look through all the perks on the Careers page then check out our Research and Blog our events page for the IoT Village and About page. Follow us on Twitter @ISEsecurity and @IoTvillage
Required Experience:
Senior IC
Employment Type
Full-Time
