Application Security Tester and Source Code Reviewer

```Overview```
We are seeking an experienced Application Security Engineer to join our team. As an Application Security Engineer, you will play a crucial role in ensuring the security of our applications and systems. You will be responsible for identifying and mitigating security vulnerabilities, conducting security assessments, and implementing security measures to protect our organization's sensitive data.

Application Security Tester and Source Code Review

• Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
• Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
• Executing Tests/Assessments and Drafting Reports: Similar to the Red Team, executes detailed assessments and compiles findings into reports for further review and action.

Requirements

• Bachelor’s degree in Computer Science, Software Engineering, or related field.
• Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
• 3-5 years of experience in application security testing and source code review.
• Proficiency in multiple programming languages and understanding of secure coding practices.
• Strong analytical skills and attention to detail for identifying vulnerabilities

Experience with the following tools or solutions:
Burb Suite Pro

• Acunetix
• VeraCode
• SAST & DAST Tools
• Plextrac
• Mandiant
• Cobalt Strike
• Cloud security (AWS / Azure / Oracle
• Postman
• SmartBear Ready
• API and SoapUI
• Hashicorp Vault

If you are a highly skilled Application Security Engineer looking for an exciting opportunity to make a significant impact on our organization's security posture, we would love to hear from you. Apply today!

Job Type: Full-time

Pay: $86,001.55 - $120,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Health insurance

Experience level:

• 4 years
• 5 years

Application Question(s):

• Do you have at least 2 years of experience in conducting thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities? Please explain.
• Do you hold any of the following professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar? If so which?
• Are proficient in multiple programming languages and understanding of secure coding practices? If yes, please provide a brief explanation.

Work Location: In person