Application Offensive Security Consultant
Application Offensive Security Consultant
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Position Title: Application Offensive Security Consultant
Location: Hybrid (3 days onsite)
Experience Required: 6 years in application security testing
Compensation: $65 per hour
Position Overview:
The Application Offensive Security Consultant will be a key member of the Application Security team dedicated to supporting the Technology Risk initiative for offensive security assessments. The primary focus of this role is performing application security testing including red teaming and manual threat hunting and providing expert security guidance on key projects. This role offers a hybrid work structure requiring onsite work 3 days per week.
Key Responsibilities:
- Conduct red teaming activities against applications and APIs identifying and mitigating potential risks.
- Perform thorough manual (nonautomated) security testing on applications.
- Conduct application threat hunting assessing risk levels and vulnerability exposure.
- Produce detailed reports on assessment findings summarizing technical issues and recommended remediation strategies.
- Act as a Subject Matter Expert (SME) in application defense assisting with security engineering inquiries and enhancements.
- Collaborate with Security Architects Product Managers and Risk Managers to ensure security best practices in application design and implementation.
Qualifications:
- Bachelors degree in a related field or equivalent experience.
- Minimum of 6 years in application security testing with a consistent background in manual testing and threat hunting.
- At least 4 years of experience in conducting red teaming engagements.
- Proficiency with application security testing tools specifically Burp Suite Professional and OWASP ZAP.
- Indepth knowledge of OWASP Top 10 SANS Top 25 vulnerabilities and effective mitigation strategies.
- Familiarity with the MITRE ATT&CK Framework and adversarial tactics.
- Ability to assess and test countermeasures for misconfigurations and bypass controls.
- Offensive Security Certified Professional (OSCP) or GIAC Web Application Penetration Tester (GWAPT) certification preferred but not required.
- Experience Level: Associate
- Education Level: Bachelors degree or equivalent experience
Personal Attributes:
- Strong analytical skills with a proactive approach to identifying and mitigating risks.
- Effective communicator able to explain vulnerabilities and security concepts to both technical and nontechnical audiences.
- Detailoriented adaptable and thrives in highpressure fastpaced environments.
- Passionate about security with a curiosity for handson problemsolving and technical challenges.
Why Join Us
This position offers the chance to work with a dedicated Application Security team within a leading financial services firm contributing to the companys proactive security posture. Youll gain handson experience with advanced security assessment techniques and work with crossfunctional teams to build secure highquality applications. This role comes with the opportunity for skill development and career growth within an innovative and supportive environment.
Employment Type
Full Time
