Penetration Tester with Source Code Analysis- 4 Positions

Posted 2 weeks ago by 1750845104

Negotiable
Outside
Remote
USA

Summary: The role of Penetration Tester with Source Code Analysis focuses on manual web application penetration testing and secure code review, requiring candidates to identify vulnerabilities in source code. The position emphasizes the need for formal programming experience and the ability to create new testing methods. Candidates should also be able to communicate effectively with both technical and non-technical audiences. This role is remote and classified as outside IR35.

Key Responsibilities:

  • Perform manual security code reviews against common programming languages.
  • Conduct manual application penetration tests on web applications, internal applications, APIs, internal and external networks, and mobile applications.
  • Create new testing methods to identify vulnerabilities and entry points for exploitation.
  • Provide technical leadership and advice to team members on penetration test engagements.
  • Collaborate with Cyber teams to develop new testing techniques and automation.
  • Mentor junior and offshore team members on tools and techniques for performing tests.

Key Skills:

  • Solid expertise in manual web application penetration testing and secure code review.
  • Experience in performing manual test case scenarios.
  • Ability to identify vulnerabilities in source code manually.
  • Formal programming experience in any language.
  • One or more major ethical hacking certifications preferred (e.g., GWAPT, CREST, OSCP, OSWE, OSWA).
  • Strong communication skills for technical and non-technical audiences.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Penetration Tester with Source Code Analysis Remote

Must Have:

  • Seeking candidates with solid expertise in Manual web application penetration testing and Manual secure code review.
  • Expertise in performing Manual Test Case Scenarios is a must.
  • Identification of Vulnerabilities in Source Codes manually is a must.

Not Looking:

  • We are not looking for tool-dependent SAST and DAST resources.
  • False positives review post SAST & DAST tool-based scanning will not be considered.

Key Areas:

  • Perform manual security code review against common programming languages
  • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications
  • Formal programming experience is a must in any language
  • Create new testing methods to identify vulnerabilities and entry points that attackers may use to exploit applications, networks, and systems

Good to Have:

  • One or more major ethical hacking certifications not mandatory but preferred; GWAPT, CREST, OSCP, OSWE, OSWA
  • Provide technical leadership and advice to team members on penetration test engagements
  • Converse with technical and non-technical audiences to articulate both testing processes, techniques and results
  • Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice and mentor junior and offshore team members on tools and techniques in performing tests