(Local candidates only, as a face-to-face (F2F) interview is required)
Project Overview
The client is seeking an experienced Penetration Tester specializing in Java application security. The role focuses on identifying, exploiting, and remediating vulnerabilities in large-scale enterprise applications to strengthen the overall cybersecurity posture. The consultant will work closely with development and testing teams to integrate security practices into the software development lifecycle.
Key Responsibilities
Perform penetration testing and vulnerability assessments on Java applications and infrastructure
Identify and analyze security vulnerabilities using both automated and manual techniques
Develop and execute custom exploits to simulate real-world attack scenarios
Collaborate with development teams to assess application architecture and detect security gaps early
Partner with QA teams to integrate security into manual and automated testing processes
Provide recommendations for secure coding practices and vulnerability remediation
Stay current with Java security threats, published CVEs (e.g., via the NIST National Vulnerability Database), and industry best practices
Support secure SDLC improvements and security governance initiatives
Assist in incident response related to Java application vulnerabilities
Document findings with detailed risk assessments and remediation strategies
Communicate technical findings to both technical and non-technical stakeholders
Contribute to security policies and standards for application development
Analyze URLs, query parameters, browser-side data, tokens, and caching mechanisms for vulnerabilities
Evaluate production vs. non-production environments for security risks
Apply frameworks such as MITRE ATT&CK in security assessments
Required Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field
Minimum 6 years of experience in Development and Security (DevSec) roles
Strong background in Java programming and secure coding practices
Experience with penetration testing and ethical hacking focused on Java applications
Prior experience working on large-scale enterprise applications
Proficiency in web application security standards (e.g., OWASP)
Knowledge of common vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS)
Hands-on experience with tools such as Burp Suite and Metasploit
Familiarity with SAST/DAST tools such as Fortify on Demand
Strong understanding of cryptography and secure protocols (SSL/TLS)
Technical & Soft Skills
Technical Skills:
Core Java development and security testing
Web application security and vulnerability assessment
Secure code review and exploit development
Scripting (preferred: Python, Bash)
API and browser-based security testing
Knowledge of cloud and mobile security testing (preferred)
Soft Skills:
Strong analytical and problem-solving ability
Clear communication with cross-functional teams
Ability to explain technical risks to non-technical stakeholders
High level of integrity and confidentiality