Overview
On Site
BASED ON EXPERIENCE
Full Time
Contract - W2
Contract - Independent
Skills
PENETRATION TESTER
APPLICATION SECURITY
ETHICAL HACKER
BURP
METASPLOIT
ZAP
CHECKMARX
APPSCAN
AWS
AZURE
OSCP
CEH
GPEN
GWAPT
GWEB
PYTHON
JAVA
PHP
PERL
OBJECTIVE-C
Job Details
Role: Penetration Tester (10 openings)
Location: Minnetonka, MN (Hybrid- 3 Days a week)
Contract Duration: 12+ Months
Key Responsibilities
" Perform manual and automated penetration testing of web and mobile applications.
" Lead security assessments using DAST and SAST tools (e.g., Burp Suite, ZAP, Checkmarx, AppScan, WebInspect, Acunetix).
" Evaluate and secure cloud environments (AWS and Azure) including EC2, S3, RDS, VNets, and Azure DevOps pipelines.
" Conduct API security reviews, enforce secure coding practices, and validate implementations against best practices.
" Perform code reviews in Python, Java, PHP, Perl, and Objective-C to identify vulnerabilities.
" Provide architecture-level feedback on SSL/TLS, networking, load balancing, and ACL configurations.
" Develop and maintain Application Security Programs with a focus on CI/CD integration and secure SDLC.
" Lead scoping calls with stakeholders, define testing approaches, and present findings/reports.
" Actively research emerging exploits and contribute to vulnerability discovery (e.g., CTF, Hack the Box).
" Collaborate with engineering and product teams to ensure remediation strategies are adopted.
Required Skills
" 14 Years of experience.
" Strong knowledge of OWASP Top 10, NIST, and secure SDLC.
" Proficiency in penetration testing tools: Burp Suite, Metasploit, ZAP, Checkmarx, AppScan.
" Hands-on cloud security expertise in AWS (EC2, S3, RDS, KMS) and Azure security architecture.
" Strong programming background in Python, Java, PHP, Perl, Objective-C for code review and exploit development.
" In-depth knowledge of network security concepts: SSL/TLS, TCP/IP, ACLs, routing, load balancing.
" Familiarity with LAMP, LEMP, and MEAN stacks from a security perspective.
" Excellent communication skills for both technical and business stakeholders.
Required Certifications
" OSCP / OSWA / CEH, or SANS (GWAPT, GPEN, GWEB)
Location: Minnetonka, MN (Hybrid- 3 Days a week)
Contract Duration: 12+ Months
Key Responsibilities
" Perform manual and automated penetration testing of web and mobile applications.
" Lead security assessments using DAST and SAST tools (e.g., Burp Suite, ZAP, Checkmarx, AppScan, WebInspect, Acunetix).
" Evaluate and secure cloud environments (AWS and Azure) including EC2, S3, RDS, VNets, and Azure DevOps pipelines.
" Conduct API security reviews, enforce secure coding practices, and validate implementations against best practices.
" Perform code reviews in Python, Java, PHP, Perl, and Objective-C to identify vulnerabilities.
" Provide architecture-level feedback on SSL/TLS, networking, load balancing, and ACL configurations.
" Develop and maintain Application Security Programs with a focus on CI/CD integration and secure SDLC.
" Lead scoping calls with stakeholders, define testing approaches, and present findings/reports.
" Actively research emerging exploits and contribute to vulnerability discovery (e.g., CTF, Hack the Box).
" Collaborate with engineering and product teams to ensure remediation strategies are adopted.
Required Skills
" 14 Years of experience.
" Strong knowledge of OWASP Top 10, NIST, and secure SDLC.
" Proficiency in penetration testing tools: Burp Suite, Metasploit, ZAP, Checkmarx, AppScan.
" Hands-on cloud security expertise in AWS (EC2, S3, RDS, KMS) and Azure security architecture.
" Strong programming background in Python, Java, PHP, Perl, Objective-C for code review and exploit development.
" In-depth knowledge of network security concepts: SSL/TLS, TCP/IP, ACLs, routing, load balancing.
" Familiarity with LAMP, LEMP, and MEAN stacks from a security perspective.
" Excellent communication skills for both technical and business stakeholders.
Required Certifications
" OSCP / OSWA / CEH, or SANS (GWAPT, GPEN, GWEB)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.