Application Security Penetration Tester

Posted 8 hours 37 minutes ago by Xcede Recruitment Solutions

Permanent
Not Specified
Other
London, United Kingdom
Job Description

This is an opportunity to join a giant in the mobile applications world as an Application Security Penetration Tester. If you have a passion for securing applications, an in-depth understanding of application security, and the ability to identify and resolve vulnerabilities, this role is for you. You will play a key role in securing applications and shaping the future of their security posture by performing rigorous security assessments.

Responsibilities: In this role, you'll lead the security testing of their cloud-native, microservices-based architecture, with a focus on web and mobile applications and on cloud security testing. Key responsibilities include:

  • Conducting comprehensive penetration testing and security assessments of web and mobile applications.
  • Performing static (SAST), dynamic (DAST), and composition analysis (SCA) of source code.
  • Engaging in threat modeling and threat actor simulations to test and enhance security controls.
  • Collaborating with global development teams to ensure continuous improvement of the security posture.

Key Tasks:

  • Perform in-depth security testing of development operations, iOS, and Android mobile applications.
  • Carry out source code reviews to identify and mitigate security vulnerabilities.
  • Execute detailed penetration tests and security assessments, documenting findings and recommendations.
  • Automate security testing within CI/CD pipelines and implement secure coding practices.
  • Conduct offensive security operations, including red team exercises to simulate real-world attack scenarios.
  • Collaborate with DevOps teams to ensure security is integrated into every stage of the development lifecycle.

Qualifications:

  • Bachelor's degree in Computer Science, Software Engineering, or equivalent experience.
  • Professional certifications such as GWAPT, OSCP, or CEH.
  • 3-5 years of experience in application security testing, source code reviews, and DevOps security.
  • Proficient in programming languages and secure coding practices.
  • Strong analytical skills and attention to detail.

Tools & Technologies: Experience with tools such as Burp Suite Pro, Checkmarx, Corellium, Acunetix, Synopsys, Veracode, AWS/Azure/Oracle Cloud, Postman, SoapUI, HashiCorp Vault, and PlexTrac.

Benefits:

  • Health Insurance: Comprehensive medical, dental, and vision coverage.
  • Competitive Salary: Attractive salary based on experience.
  • 401(k) Matching: Company contributions to your 401(k) retirement plan.
  • Generous PTO: Vacation, sick leave, and holidays.
  • Professional Development: Access to training, workshops, and certifications.
  • Tuition Reimbursement: Financial support for further education.
  • Inclusive Environment: A diverse, supportive workplace with team-building activities and social events.

I look forward to receiving your application and discussing it further!