Application Penetration Tester

Pivot Point Security, United States

Experience: 1 Year
Salary: 0 - 0
Traveling: No
Telecommute: No
Qualification: As mentioned in job details
Total Vacancies: 1 Job
Posted on: Mar 10, 2021
Last Date: Apr 10, 2021

Job Description

Do you like puzzles? Do you live, sleep, and breathe App Sec? Are you an advanced and experienced Application Penetration Tester looking for the next step? And finally, and most importantly, can you communicate complex issues to a client in a way anyone might understand?

Then maybe you’re the one we’re looking for. We need technically competent team players who love application security, have a natural thirst for knowledge, and aspire to share this gift with our team and clients. The right candidate never accepts second best but instead is always looking for a smarter way, lives our core values, and is as comfortable talking with a business analyst about the application’s usage as they are talking with a developer about session entropy or CSRF.

We are looking for the right person to join our team as a Senior Level Application Security Assessor/Penetration Tester. The right person is highly experienced with application security testing, including OWASP ASVS knowledge, and possesses superior written and verbal communication skills that will provide clear and actionable guidance at an appropriate level to clients in a consultative fashion to best mitigate Application Security risk.

Requirements

We expect this person will:

  • Conduct penetration testing of web, mobile, web services, and thick client applications.
  • Candidate should be able to perform manual exploitation of vulnerabilities.
  • Recognize, document, and report vulnerabilities and kill chains, describing remediation activities with the ability to effectively articulate and communicate the results in both technical and layman terms to the appropriate audience.
  • Your writing should effectively explain to Grandpa what is wrong with the application.
  • Provide the sales team with technical and security expertise in support of business development activities. Participate in sales calls, help scope projects, provide pricing estimates, and create pre- and post-sales documentation.
  • Receive work assignments and timelines from the Practice Lead. Maintain a routine cadence with the assigned Project Manager to ensure all interested stakeholders are up to date on project status, and sound the alarm before anything interferes with meeting those deadlines.
  • Provide guidance and leadership as it relates to Application Pen Testing.
  • Meet/exceed defined goals for the services you deliver.
  • Achieve target Net Promoter Scores by meeting/exceeding client expectations.

The right person HAS the following characteristics:

  • Personal integrity, a highly transparent nature, and a mindset of mutual benefit.
  • Occasionally mistakes happen; you’re human (we hope). We expect you to own it, learn from it, and not repeat it.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high self-expectation (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • A willingness and desire to learn. We understand that nobody knows everything. However, the right person has an inner drive to learn new things and share their knowledge.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
  • The ability to work from anywhere as this role is remote/virtual.
  • A good sense of humor and the ability to laugh at themselves.

The right person has the following experience:

  • Demonstrated a solid understanding of application security, including the OWASP Top 10 and the OWASP ASVS, with experience in discovering, verifying, and exploiting these vulnerabilities.
  • 5 plus years of verifiable and significant application security auditing and penetration testing experience (with a preference toward ASVS assessments) and well-written deliverables that paint accurate stories our clients can understand.
  • In lieu of OWASP ASVS experience, experience in assessing application security architecture and/or code review is acceptable.
  • Demonstrated knowledge of and ability to create Proof-of-Concept exploits for common vulnerabilities (and be able to narrate the issue, exploitation, and remediation in simple

Pivot Point Security

Information Technology and Services - Chicago, Illinois, United States