Application Security Specialist (Onsite) :: Santa Clara, CA

Hi,

Hope you are doing well,

Please find the job description given below and let me know your interest.

Position: Application Security Specialist (Onsite)

Location: Santa Clara, CA

Duration : 6 months

Job Description:

• Penetration Testing

• Vulnerability Analysis

• Nessus

• SAST

• DAST

 

PEN Testing

Role Summary

Key Responsibilities :

Instrument / Network Penetration Testing

•        Conduct security testing of instrumented or connected applications, including exposed network services and interfaces

•        Use Nessus / Tenable.SC for vulnerability scanning and configuration assessment

•        Analyse and prioritize vulnerabilities based on criticality

•        Prepare detailed vulnerability reports and support application teams during remediation

Web Application Penetration Testing

•        Perform security scanning and manual penetration testing of in-scope web applications

o        CVSS / CVS

o        Organization-specific security standards

Mobile Application Penetration Testing

•        Support application teams with remediation-related clarifications

Thick Client Penetration Testing

•        Perform security assessments of thick client applications

•        Analyze vulnerabilities related to client-server communication, authentication, authorization, and data protection

•        Prioritize findings and prepare severity-based reports

Additional Security Platform & Tooling Support

SAST (Static Application Security Testing)

o        Coverity on Polaris

o        Polaris

o        GitHub Application Security

•        Manage user access, configurations, and scan operations

•        Import SAST data into Power BI for:

o        Security trend analysis

o        Risk dashboards

DAST (Dynamic Application Security Testing)

•        Administer tool configurations and access

•        Import scan data into Power BI for analytics and reporting

SCA (Software Composition Analysis)

•        Administer tool usage, scan scheduling, and configurations

•        Import vulnerability and license risk data into Power BI

Vulnerability Management (Tenable)

•        Run vulnerability scans for product teams as required

•        Import scan data into Power BI

Required Skills & Competencies

Technical Skills :

•        Strong knowledge of:

o        Web, Mobile, Thick Client, and Network Security

•        Hands-on experience with:

o        Nessus / Tenable.SC

o        WhiteHat DAST

o        Black Duck SCA

o        Coverity / Polaris / GitHub Security

o        Power BI (data import, analysis, dashboard creation)

•        Understanding of AWS Cloud, containers, and infrastructure security

•        Exposure to Jira administration

Soft Skills :

•        Strong analytical and problem-solving skills

•        Ability to communicate security risks clearly to technical and non-technical stakeholders

•        Collaborative mindset with application, development, and product teams

•        Good documentation and reporting skills

Preferred Qualifications :

•        Certifications such as:

o        CEH, OSCP, GWAPT, AWS Security Specialty (preferred)

•        Experience in regulated or enterprise environments

•        Familiarity with DevSecOps practices and CI/CD security integration

Skills: Vulnerability Assessment and Penetration Testing

If you are interested, please share your updated resume and suggest the best number & time to connect with you.

Ajit Kumar US IT Recruiter, DMS VISION Inc   |