Hi,
Only local to New York or New
Jersey
Job Title: Senior Application Security Pentester
Location: New York, NY / Flushing, NY /
Dobbs Ferry, NY / Armonk, NY (Onsite)
Duration: 12+ Months
Experience Required: 6–8 Years
Role Overview
We are seeking an experienced Senior Application Security Pentester to perform infrastructure and application penetration testing for enterprise environments supporting BNP Paribas.
This role focuses on identifying real-world exploitability, reducing security risk, and ensuring compliance with regulatory requirements and internal information security policies. The candidate will act as a trusted security advisor, providing actionable guidance to technical and business stakeholders.
Key Responsibilities
Penetration Testing & Security Assessment
· Perform routine infrastructure and application penetration testing to identify vulnerabilities
· Conduct:
o Web application & web services penetration testing
o Network penetration testing
o Mobile application penetration testing
o Thick client penetration testing
· Use automated and manual testing techniques, including tools such as Burp Suite
Vulnerability Analysis & Exploitation
· Curate and assess vulnerability data across multiple platforms and tools
· Focus on true exploitability and eliminate false positives
· Perform code-level vulnerability assessment to validate findings
· Conduct focused security research when not on active engagements
Architecture Security & Threat Modeling
· Perform architecture security reviews and threat modeling as required
· Review test cases periodically to ensure testing effectiveness
Advisory & Stakeholder Support
· Provide clear, actionable remediation guidance to customers (written and verbal)
· Support internal teams with remediation actions, disclosures, and vulnerability responses
· Answer client questions related to identified vulnerabilities and security posture
Tooling, Process & Risk Management
· Help develop tooling deployments and scanning configurations to enhance testing effectiveness
· Escalate high-risk findings and urgent issues to Regional Operations leadership
· Contribute to continuous improvement initiatives to reduce organizational security risk
Required Skills & Qualifications
· 6–8 years of hands-on experience in Vulnerability Assessment and Penetration Testing
· Strong experience in:
o Application & infrastructure penetration testing
o Manual exploitation techniques
o False-positive analysis and validation
· Knowledge of scripting languages for testing and automation
· Experience with security testing tools (e.g., Burp Suite)
· Strong communication skills with the ability to explain technical risks clearly
Preferred Certifications
· CISSP
· OSCP / CPT / CEPT / CMWAPT
Key Competencies
· Application & Infrastructure Penetration Testing
· Vulnerability Assessment & Exploitation
· Threat Modeling & Architecture Security
· Secure Code Review
· Risk Identification & Remediation Advisory
---
You received this message because you are subscribed to the Google Groups "NoviaJobs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to noviajobs+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/noviajobs/CANVQszEOFnVgyNnXABLfbkxpNyUC3DioKmYjm7rSBa20En7gQw%40mail.gmail.com.
No comments:
Post a Comment