Application Offensive Security Consultant

Employer Active

Job Location

USA

Salary

65 - 65

Job Description

Job Overview:
We are seeking an experienced Application Offensive Security Consultant to join our Application Security team. In this role, you will contribute to our Technology Risk initiative by performing offensive security assessments on applications and providing subject matter expertise (SME) guidance to key projects. The ideal candidate has a strong background in application security testing, red teaming, and manual security testing, along with a passion for hands-on work and application defense.

Key Responsibilities:

  • Conduct red team assessments against applications and APIs.
  • Perform application threat hunting to evaluate risks.
  • Perform manual (non-automated) security testing of applications.
  • Deliver vulnerability information in a predefined report format after manual testing using security tools and techniques.
  • Generate and summarize assessment reports to facilitate remediation.
  • Provide SME guidance and respond to security engineering questions related to application defense enhancements.
  • Collaborate with security architects, product managers, risk managers, and other teams to ensure high-quality outcomes.

Required Skills & Experience:

  • Minimum 6 years of experience in application security testing.
  • At least 4 years of experience in conducting red teaming engagements.
  • Proficiency in application security testing tools such as Burp Suite Professional and OWASP ZAP.
  • Strong ability to perform manual security testing and leverage live-off-the-land strategies.
  • Deep understanding of vulnerabilities in the OWASP Top 10 and SANS Top 25 and the ability to explain them to a wide range of audiences.
  • Knowledge of MITRE ATT&CK Framework and adversarial methodologies.
  • Capability to bypass security controls and test countermeasures for misconfigurations.
  • Strong multitasking abilities and the capability to perform well under pressure.

Certifications (Preferred but not Required):

  • OSCP (Offensive Security Certified Professional), GWAPT, or equivalent certifications in offensive security/red teaming.

Additional Notes:
This is not a typical penetration testing role; it extends beyond traditional pentesting responsibilities. Instead, it focuses on manual application testing and security assessments that align with real-world adversarial scenarios. Candidates who enjoy Capture The Flag (CTF) competitions and have a strong hands-on approach to security will thrive in this position.

Education:

  • Bachelor's degree or equivalent experience

Remote Work:

No

Employment Type

Remote

Company Industry

Key Skills

  • Continuous Integration
  • Spring
  • Vendor Management
  • SOAP
  • High Availability
  • Mobile Devices
  • Business Analysis
  • Unit Testing
  • Application Development
  • Salt
  • Jboss
  • Oracle