IT Security Specialist - Charlotte, NC

job summary:

#LI-VB1

I can not work C-C or through a third party on this role

- Specializes in web application penetration testing and security validation activities across enterprise platforms.

- The role involves conducting security assessments using industry tools, reporting findings to stakeholders, coaching development teams on secure coding practices, and ensuring remediation of vulnerabilities.

- The engineer collaborates with security, risk, and governance partners to continuously enhance the organization's application security posture.

Key Responsibilities

- Conduct web application penetration testing assessments in accordance with established processes and procedures using tools such as Burp Suite Pro, Fiddler, SoapUI, and similar.

- Identify, analyze, and document application vulnerabilities and security risks.

- Report security findings clearly to stakeholders including Application Managers, Development Teams, and other partners.

- Coach and guide development teams on secure coding practices and remediation strategies.

- Track and facilitate remediation of identified vulnerabilities across multiple application portfolios

- Identify emerging threats and proactively implement preventative and detective security controls.

- Maintain strong relationships with risk, security, and governance stakeholders.

location: Charlotte, North Carolina

job type: Solutions

salary: $70 - 76 per hour

work hours: 9am to 5pm

education: Bachelors



responsibilities:

• Conduct web application penetration testing assessments in accordance with established processes and procedures using tools such as Burp Suite Pro, Fiddler, SoapUI, and similar.
• Identify, analyze, and document application vulnerabilities and security risks.
• Report security findings clearly to stakeholders including Application Managers, Development Teams, and other partners.
• Coach and guide development teams on secure coding practices and remediation strategies.
• Track and facilitate remediation of identified vulnerabilities across multiple application portfolios
• Identify emerging threats and proactively implement preventative and detective security controls.
• Maintain strong relationships with risk, security, and governance stakeholders.
• Publish monthly dashboards and reports on vulnerabilities, trends, and remediation status.
• Contribute to the development and enhancement of the application security knowledge base.

qualifications:

- 5+ years of relevant experience in application security or penetration testing.

- Strong knowledge of web technologies (e.g., Java, .NET, web architectures).

- Solid understanding of OWASP Top 10 Application Security Risks and security best practices.

- Hands-on experience with tools such as Burp Suite Professional, Netsparker, SQLMap, and related tools.

- Knowledge of current security threats, vulnerabilities, and industry trends

- Good understanding of SDLC phases and environments (DEV, SIT, UAT, PROD).

- Strong analytical and problem-solving skills with fact-based decision-making capabilities.

- Ability to identify risks, drive discussions, escalate issues, and support resolution.

- Ability to work independently with minimal supervision.

- Strong communication skills with the ability to collaborate across global teams.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.