drjobs Application Offensive Security Consultant

Application Offensive Security Consultant

Employer Active

drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Alexander City - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Job Description

Position Title: Application Offensive Security Consultant
Location: Hybrid (3 days onsite)
Experience Required: 6 years in application security testing
Compensation: $65 per hour

Position Overview:
The Application Offensive Security Consultant will be a key member of the Application Security team dedicated to supporting the Technology Risk initiative for offensive security assessments. The primary focus of this role is performing application security testing including red teaming and manual threat hunting and providing expert security guidance on key projects. This role offers a hybrid work structure requiring onsite work 3 days per week.

Key Responsibilities:

  • Conduct red teaming activities against applications and APIs identifying and mitigating potential risks.
  • Perform thorough manual (nonautomated) security testing on applications.
  • Conduct application threat hunting assessing risk levels and vulnerability exposure.
  • Produce detailed reports on assessment findings summarizing technical issues and recommended remediation strategies.
  • Act as a Subject Matter Expert (SME) in application defense assisting with security engineering inquiries and enhancements.
  • Collaborate with Security Architects Product Managers and Risk Managers to ensure security best practices in application design and implementation.

Qualifications:

  • Bachelors degree in a related field or equivalent experience.
  • Minimum of 6 years in application security testing with a consistent background in manual testing and threat hunting.
  • At least 4 years of experience in conducting red teaming engagements.
  • Proficiency with application security testing tools specifically Burp Suite Professional and OWASP ZAP.
  • Indepth knowledge of OWASP Top 10 SANS Top 25 vulnerabilities and effective mitigation strategies.
  • Familiarity with the MITRE ATT&CK Framework and adversarial tactics.
  • Ability to assess and test countermeasures for misconfigurations and bypass controls.
  • Offensive Security Certified Professional (OSCP) or GIAC Web Application Penetration Tester (GWAPT) certification preferred but not required.
  • Experience Level: Associate
  • Education Level: Bachelors degree or equivalent experience

Personal Attributes:

  • Strong analytical skills with a proactive approach to identifying and mitigating risks.
  • Effective communicator able to explain vulnerabilities and security concepts to both technical and nontechnical audiences.
  • Detailoriented adaptable and thrives in highpressure fastpaced environments.
  • Passionate about security with a curiosity for handson problemsolving and technical challenges.

Why Join Us
This position offers the chance to work with a dedicated Application Security team within a leading financial services firm contributing to the companys proactive security posture. Youll gain handson experience with advanced security assessment techniques and work with crossfunctional teams to build secure highquality applications. This role comes with the opportunity for skill development and career growth within an innovative and supportive environment.

Employment Type

Full Time

Company Industry

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.