Role: Penetration Testing / Security Test Engineer
Location: Santa Clara, CA
Role Summary
The Application Security & Penetration Testing Specialist will be responsible for conducting security assessments across web, mobile, thick client, and instrumented applications. The role includes vulnerability analysis, criticality-based reporting, and close collaboration with development, application, and product teams to support remediation. The position also provides platform administration and analytics support for SAST, DAST, SCA, and vulnerability management tools, along with cloud and infrastructure assistance as required.
Key Responsibilities
Instrument / Network Penetration Testing
Conduct security testing of instrumented or connected applications, including exposed network services and interfaces
Use Nessus / Tenable.SC for vulnerability scanning and configuration assessment
Analyze and prioritize vulnerabilities based on criticality
Prepare detailed vulnerability reports and support application teams during remediation
Web Application Penetration Testing
Perform security scanning and manual penetration testing of in-scope web applications
Identify, analyze, classify, and prioritize vulnerabilities based on agreed standards such as:
o OWASP Top 10
o CVSS / CVS
o Organization-specific security standards
Produce criticality-based vulnerability reports with clear remediation guidance
Provide clarification and consultation support to Application, Development, and Asset Owner teams during vulnerability remediation
Mobile Application Penetration Testing
Conduct security testing of in-scope mobile applications (Android/iOS)
Analyze identified vulnerabilities and prioritize them based on severity and business risk
Generate criticality-based reports for stakeholders
Support application teams with remediation-related clarifications
Thick Client Penetration Testing
Perform security assessments of thick client applications
Analyze vulnerabilities related to client-server communication, authentication, authorization, and data protection
Prioritize findings and prepare severity-based reports
Provide consultation support to development and application teams
Additional Security Platform & Tooling Support
SAST (Static Application Security Testing)
Provide operational and administrative support for:
o Coverity on Polaris
o Polaris
o GitHub Application Security
Manage user access, configurations, and scan operations
Import SAST data into Power BI for:
o Security trend analysis
o Risk dashboards
Generate management and operational reports from Power BI
DAST (Dynamic Application Security Testing)
Provide support for WhiteHat DAST tool operations
Administer tool configurations and access
Import scan data into Power BI for analytics and reporting
Generate vulnerability trend and compliance reports
SCA (Software Composition Analysis)
Provide support for Black Duck SCA
Administer tool usage, scan scheduling, and configurations
Import vulnerability and license risk data into Power BI
Generate trend, risk, and compliance reports
Vulnerability Management (Tenable)
Provide support for Tenable.SC / Nessus
Run vulnerability scans for product teams as required
Provide tool administration, configuration, and access management
Import scan data into Power BI
Generate vulnerability posture and trend reports
Required Skills & Competencies
Technical Skills
Strong knowledge of:
o Web, Mobile, Thick Client, and Network Security
o OWASP Top 10, CVSS, secure coding concepts
Hands-on experience with:
o Nessus / Tenable.SC
o WhiteHat DAST
o Black Duck SCA
o Coverity / Polaris / GitHub Security
o Power BI (data import, analysis, dashboard creation)
Understanding of AWS Cloud, containers, and infrastructure security
Exposure to Jira administration
Soft Skills
Strong analytical and problem-solving skills
Ability to communicate security risks clearly to technical and non-technical stakeholders
Collaborative mindset with application, development, and product teams
Good documentation and reporting skills
Preferred Qualifications
Certifications such as:
o CEH, OSCP, GWAPT, AWS Security Specialty (preferred)
Experience in regulated or enterprise environments
Familiarity with DevSecOps practices and CI/CD security integration