Overview
Hybrid
$55 - $65
Contract - Independent
Contract - W2
Contract - 6 Month(s)
Skills
vulnerabilities
Burp Suite
OWASP ZAP
MITRE ATT&CK Framework
APIs
Job Details
- Conduct offensive security testing on web applications and APIs to identify potential vulnerabilities and attack vectors.
- Perform application threat hunting to proactively assess and mitigate risks.
- Execute manual penetration testing of applications to uncover security flaws beyond automated scanning capabilities.
- Document vulnerabilities using standardized report formats, combining insights from manual testing methodologies and industry-standard tools.
- Generate detailed assessment reports, highlighting technical issues and providing clear remediation guidance.
- Act as a subject matter expert in application security, addressing queries and offering solutions related to Application dep improvements.
- Collaborate closely with Security Architects, Product Managers, Risk Managers, and cross-functional teams to deliver secure, high-quality products.
Technical Skills & Qualifications:
- Strong experience in testing web applications for security vulnerabilities.
- Hands-on expertise with application penetration testing tools such as Burp Suite and OWASP ZAP.
- Demonstrated ability to think creatively and manually identify weaknesses aligned with the OWASP Top 10, without reliance on automated scanners.
- Solid understanding of the MITRE ATT&CK Framework and adversarial threat methodologies.
- Bachelor's degree in a related field or equivalent practical experience.