Job Title: Application Security Penetration Tester
Location: New York, NY / Flushing, NY / Dobbs Ferry, NY / Armonk, NY (Onsite)
Duration: 12+ Months
Experience Required: 6–8 Years
Role Overview
We are seeking an experienced Senior Application Security Pentester to perform infrastructure and application penetration testing for enterprise environments supporting BNP Paribas.
This role focuses on identifying real-world exploitability, reducing security risk, and ensuring compliance with regulatory requirements and internal information security policies. The candidate will act as a trusted security advisor, providing actionable guidance to technical and business stakeholders.
Key Responsibilities
Penetration Testing & Security Assessment
Perform routine infrastructure and application penetration testing to identify vulnerabilities
Conduct:
Web application & web services penetration testing
Network penetration testing
Mobile application penetration testing
Thick client penetration testing
Use automated and manual testing techniques, including tools such as Burp Suite
Vulnerability Analysis & Exploitation
Curate and assess vulnerability data across multiple platforms and tools
Focus on true exploitability and eliminate false positives
Perform code-level vulnerability assessment to validate findings
Conduct focused security research when not on active engagements
Architecture Security & Threat Modeling
Perform architecture security reviews and threat modeling as required
Review test cases periodically to ensure testing effectiveness
Advisory & Stakeholder Support
Provide clear, actionable remediation guidance to customers (written and verbal)
Support internal teams with remediation actions, disclosures, and vulnerability responses
Answer client questions related to identified vulnerabilities and security posture
Tooling, Process & Risk Management
Help develop tooling deployments and scanning configurations to enhance testing effectiveness
Escalate high-risk findings and urgent issues to Regional Operations leadership
Contribute to continuous improvement initiatives to reduce organizational security risk
Required Skills & Qualifications
6–8 years of hands-on experience in Vulnerability Assessment and Penetration Testing
Strong experience in:
Application & infrastructure penetration testing
Manual exploitation techniques
False-positive analysis and validation
Knowledge of scripting languages for testing and automation
Experience with security testing tools (e.g., Burp Suite)
Strong communication skills with the ability to explain technical risks clearly
Preferred Certifications
CISSP
OSCP / CPT / CEPT / CMWAPT
Key Competencies
Application & Infrastructure Penetration Testing
Vulnerability Assessment & Exploitation
Threat Modeling & Architecture Security
Secure Code Review
Risk Identification & Remediation Advisory
Thanks & Regards
Ishita Bali
Novia Infotech LLC
4421 Avenida Ln, McKinney, TX 75070
Email: ishita.b@noviainfotech.com
You received this message because you are subscribed to the Google Groups "NoviaJobs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to noviajobs+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/noviajobs/CAGiqXEBBgn6jqu6ZbHAPJ5u23_PmMvzawd-ceNDVDfTRXQ1rUQ%40mail.gmail.com.
No comments:
Post a Comment