Application Penetration Tester II

Overview

On Site
$160000
Full Time

Job Details

Job Title: Application Security Tester (Mid-Level)
Employment Type: Full-Time
Location: Onsite – Washington, DC
Work Authorization: Must be authorized to work in the U.S. (no sponsorship available)


Overview

We are seeking a mid-level Application Security Tester. The ideal candidate will have strong communication skills, a passion for innovation, and the ability to solve complex problems in a collaborative environment. This role involves hands-on security testing of web and mobile applications, including code reviews and validation of security controls.


Key Responsibilities

  • Perform security assessments on web and mobile applications, including penetration testing and vulnerability analysis.
  • Conduct source code reviews and provide actionable security recommendations.
  • Utilize static and dynamic analysis tools to identify and remediate vulnerabilities.
  • Integrate security testing into CI/CD pipelines and development workflows.
  • Validate security controls for applications and backend services.
  • Document and communicate findings to technical and non-technical stakeholders.
  • Stay current with emerging threats and testing methodologies.
  • Contribute to internal tooling and process improvements.

Required Qualifications

 
  • Strong understanding of application, network, and system security principles.
  • Proficiency with Windows and Linux environments.
  • Familiarity with programming languages such as Python, Java, C#, or similar.
  • Hands-on experience with tools like Burp Suite, OWASP ZAP, and other SAST/DAST/SCA platforms.

Preferred Qualifications

  • Experience with mobile app security testing and reverse engineering.
  • Knowledge of container and cloud security (Docker, Kubernetes, AWS, Azure).
  • Industry certifications such as OSCP, GWAPT, GPEN, or similar.
  • Contributions to the security community (e.g., open-source, research, bug bounties).
  • Experience with API security testing and automation.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.