Overview
Skills
Job Details
Need Only Locals to Charlotte, NC
Job Overview:
You will contribute to moderately complex initiatives within Cyber Security Research, focusing on application security testing and research. You will perform penetration testing of web applications and APIs, evaluate vulnerabilities, and collaborate with development and security teams to remediate risks. This role requires strong analytical skills, hands-on penetration testing expertise.
Candidates needs to have:
4+ years of experience in Cyber Security Research or equivalent (work experience, consulting, training, military experience, or education).
Hands-on experience in:
- Application Penetration Testing (manual + automated)
- Dynamic Application Security Testing (DAST)
- Vulnerability validation and remediation guidance
Strong knowledge of application security principles and common vulnerabilities (e.g., OWASP Top 10).
Ability to document findings in a clear, technical, and actionable manner.
Good to have:
- Familiarity with automated penetration testing tools (e.g., Burp Suite, OWASP ZAP, Acunetix, etc.).
- Experience collaborating with development teams in agile or DevSecOps environments.
- Knowledge of secure coding practices and API security standards.
Job Description:
- Conduct application penetration testing for web applications and APIs using both manual techniques and automated tools.
- Configure and run Dynamic Application Security Testing (DAST) tools to perform scans effectively.
Perform defect analysis, including:
- Reviewing and validating automated scan results
- Triage and disposition of false positives
Generate clear, accurate, and detailed technical security reports with identified vulnerabilities.
Collaborate with development and security teams to explain defects and provide remediation guidance.
Support broader cybersecurity research initiatives, applying organizational policies and compliance requirements.