RSM - Houston, TX

posted 4 days ago

Full-time - Mid Level
Houston, TX
101-250 employees
Professional, Scientific, and Technical Services

About the position

RSM is seeking an experienced application penetration tester to join our Security and Privacy Risk Consulting group. This role is critical in helping clients prevent, detect, and respond to security threats affecting their systems and data. The ideal candidate will have expertise in both manual and automated testing methodologies, a strong understanding of vulnerabilities, and a passion for identifying potential security risks. As part of a dedicated team, you will provide application security testing and empower development and security teams with accurate findings to eliminate risks across client portfolios.

Responsibilities

  • Perform security assessments, including static and dynamic application security testing
  • Conduct manual penetration testing on web applications, network devices, and other systems
  • Collaborate with clients across various technology stacks and services, including cloud platforms and development technologies
  • Develop, enhance, and interpret security standards and guidance
  • Demonstrate and promote security best practices, including secure development and cloud security
  • Assist with the development of remediation recommendations for identified findings
  • Identify and clearly articulate findings to senior management and clients
  • Help identify improvement opportunities for assigned clients
  • Stay up to date with the latest security trends, technologies, and best practices
  • Work effectively within a team, fostering collaboration and open communication to deliver successful outcomes
  • Supervise and provide engagement management for other staff working on assigned engagements

Requirements

  • BS in Computer Science, Engineering, or related field or equivalent work experience
  • Expert in web security with extensive knowledge of vulnerabilities and the ability to identify and exploit them
  • 3+ years of experience in code review, application security testing, or web application development
  • Excellent written and verbal communication skills
  • Strong scripting skills (e.g. Python, Ruby, Perl)
  • Experience with cloud platforms, such as AWS, and knowledge of cloud security best practices
  • Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, JavaScript, JSON, REST
  • High degree of integrity and confidentiality, adhering to company policies and best practices
  • Technical background in application development, networking/system administration, security testing, or related fields
  • Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques

Nice-to-haves

  • One or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist.

Benefits

  • Competitive benefits and compensation package
  • Flexibility in schedule to balance life's demands
  • Discretionary bonus based on firm and individual performance