Application Security Penetration Tester
JPC- 7699_06_05/15
Location – Fort Mill, SC
10+ years of experience required
We are seeking a highly skilled Application Security Penetration Tester with strong hands-on experience in Application Security Testing, Vulnerability Assessment, Penetration Testing, and Secure Development Practices. The ideal candidate should have expertise in identifying, validating, and remediating application vulnerabilities across enterprise systems while collaborating closely with development and DevSecOps teams.
Key Responsibilities:
• Perform Application Security Testing, Penetration Testing, and Vulnerability Assessments on web applications, APIs, and enterprise platforms.
• Conduct SAST, DAST, SCA, and OWASP Top 10 security testing activities.
• Analyze, validate, and report security vulnerabilities with remediation recommendations.
• Execute manual and automated testing using tools such as Fortify, Checkmarx, AppScan, Veracode, Burp Suite, and related platforms.
• Review source code and identify security flaws, duplicate vulnerabilities, and insecure coding practices.
• Perform API and web service security testing using JSON, REST APIs, and modern authentication mechanisms.
• Integrate automated security scans into CI/CD pipelines using Jenkins, GitHub, and related DevSecOps tools.
• Collaborate with development teams to improve secure coding standards and remediation practices.
• Support Threat Modeling, Incident Response, Purple Team, and Red Team activities.
• Maintain dashboards, vulnerability tracking reports, and compliance documentation.
• Conduct pre-production security validation and post-remediation verification testing.
Required Skills:
• Strong expertise in Application Security, Penetration Testing, Secure SDLC, Threat Modeling, and Vulnerability Management.
• Hands-on experience with SAST, DAST, SCA, OWASP Top 10, and manual penetration testing.
• Experience with security tools such as Checkmarx, Fortify, AppScan, Veracode, and Burp Suite.
• Proficiency in programming languages including .NET 4.5, Java, Python, C, C++, and JavaScript (Node.js, React).
• Experience with HTML, ASP, JSP, ColdFusion, REST APIs, JSON, and web application frameworks.
• Strong understanding of Internet Architecture, OOP Concepts, SQL Server, MySQL, and SQL queries.
• Knowledge of Azure Cloud, DevSecOps pipelines, GitHub, and Jenkins.
• Excellent analytical, troubleshooting, communication, and stakeholder management skills.
Preferred Skills:
• Experience with CI/CD Security Automation and secure code review processes.
• Exposure to Cloud Security, API Security, and enterprise application environments.
• Experience supporting Security Governance, Compliance Audits, and risk assessments.
• Certifications such as CEH, OSCP, CISSP, GWAPT, or related security certifications preferred.