Overview
Skills
Job Details
Requesting web penetration testers
Denver is top priority for the Lead Penetration Tester
2nd locations can be -Texas/Austin/San Antonio or Florida/Miami
Austin, Miami, Denver-Remote
Awesome candidate in Denver-required on-site
Must have worked for a Financial Institution/Bank
Role Overview:
We are seeking an experienced Web Penetration Tester to perform comprehensive security assessments of our web applications. The goal is to identify vulnerabilities, validate security controls, and provide actionable remediation guidance to strengthen our application security posture.
Scope of Work
• Conduct scoped penetration testing on designated web applications.
• Identify and exploit vulnerabilities in:
o Authentication and authorization mechanisms.
o Input validation and data handling.
o Session management.
o API endpoints and integrations.
o Business logic flaws
• Assess compliance with OWASP Top 10 and other relevant security standards.
• Perform manual testing supplemented by automated tools
• Provide detailed risk analysis and prioritize findings based on impact and likelihood, per Western Union risk rating.
• Deliver a comprehensive report including:
o Executive summary.
o Technical details of findings.
o Proof-of-concept exploits.
o Recommended remediation steps.
Required Qualifications
• Proven experience in web application penetration testing.
• Strong knowledge of:
o OWASP Top 10.
o Common web vulnerabilities (SQL injection, XSS, CSRF, etc.).
o Business Logic flaws in Financial Services Apps.
• Familiarity with secure coding practices and modern frameworks.
• Proficiency with penetration testing tools (Burp Suite, OWASP ZAP, etc.).
• Ability to produce clear, actionable reports for both technical and non-technical audiences.
Deliverables
• Vulnerability report with severity ratings.
• Retest after remediation