This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Editech Staffing - Washington, DC
posted about 2 months ago
About the position
We are seeking a highly skilled and experienced Lead Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a critical role in ensuring the security of our applications and guiding our security testing and vulnerability triage. As a lead, you will oversee a comprehensive security assessment of a cloud-native, microservices-based architecture, focusing on web and mobile applications, cloud security testing, adversary emulation, and continuous security posture improvement.
Responsibilities
- Lead and mentor a team of penetration testers, providing guidance and support to ensure high-quality security assessments.
- Conduct and oversee thorough security testing of developer operations and mobile applications (iPhone and Android).
- Identify security issues and vulnerabilities.
- Perform and supervise in-depth source code reviews to identify security flaws or weaknesses.
- Execute and oversee detailed assessments, compile findings into reports, and present actionable recommendations to stakeholders.
- Develop and implement security testing strategies and best practices to enhance the organization's security posture.
- Collaborate with global development teams to maintain the ongoing security of the globally adopted application.
Requirements
- Bachelor's degree in computer science, Software Engineering, or related field, or equivalent job experience.
- Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
- 5-7 years of experience in application security testing and source code review with at least 2 years in a leadership role.
- Proficiency in multiple programming languages and understanding of secure coding practices.
- Strong analytical skills and attention to detail for identifying vulnerabilities.
Nice-to-haves
- Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault.
Benefits
- Comprehensive health insurance plans covering medical, dental, and vision.
- 401(k) Matching: Company matches contributions to the 401(k) retirement plan up to a certain percentage.
- Generous Paid Time Off (PTO): Including vacation days, sick leave, and holidays to help you recharge and spend time with loved ones.
- Access to professional development programs, workshops, and certifications.
- Financial support for further education and courses related to the job.
- Clear career progression paths and opportunities for promotion.
- A diverse and inclusive workplace where all employees feel valued.
- Regular team-building events and social gatherings.
- Access to the latest technology and tools needed to perform the job effectively.
