Penetration Tester - Application Security
Location: Fort Mill, SC
Duration: 12+ Months
Experience Required: 4–6 Years
Role Overview
We are seeking an Application Security Penetration Tester with strong expertise in security testing and a background in software development. The role focuses on identifying vulnerabilities, conducting penetration testing, and improving application security posture across enterprise systems.
The ideal candidate will have hands-on experience with security testing tools, knowledge of OWASP standards, and the ability to collaborate with development teams to enhance secure coding practices.
Key Responsibilities
Perform regular application security testing including SAST, DAST, and SCA.
Conduct penetration testing on applications and systems to identify vulnerabilities.
Analyze and validate security findings and provide remediation recommendations.
Test application changes before deployment to ensure security compliance.
Track and report vulnerabilities and maintain security dashboards.
Collaborate with development teams to improve secure coding practices.
Review source code to identify security risks and duplication issues.
Automate security scans and integrate them into CI/CD pipelines.
Use security tools such as Fortify, Burp Suite, Checkmarx, AppScan, and Veracode.
Support incident response and security investigations.
Participate in advanced security testing activities including red team and purple team exercises.
Enhance threat modeling and asset management processes.
Required Skills and Qualifications
Education
Bachelor’s degree in Computer Science, Information Security, or a related field is preferred.
Experience
4–6 years of experience in application security and penetration testing.
Experience in software development with exposure to secure coding practices.
Technical Skills
Strong understanding of internet architecture and web application security.
Experience with security testing methodologies including SAST, DAST, SCA, and OWASP Top 10.
Hands-on experience with vulnerability assessment and manual testing techniques.
Experience with security tools such as Checkmarx, AppScan, Fortify, and Veracode.
Experience with API testing, web services, and JSON.
Programming knowledge in languages such as .NET, C, Java, or Python.
Knowledge of JavaScript frameworks such as Node.js and React.
Experience with web development technologies including HTML and related frameworks.
Experience with CI/CD tools such as Jenkins and version control systems like GitHub.
Knowledge of relational databases such as SQL Server and MySQL.
Basic understanding of cloud platforms such as Azure.
Soft Skills
Strong analytical and problem-solving skills.
Excellent communication and stakeholder management abilities.
Ability to work collaboratively with development and security teams.
Strong attention to detail and documentation skills.
Preferred Qualifications
Experience in secure SDLC and DevSecOps practices.
Exposure to red team or purple team security exercises.
Familiarity with enterprise security governance and compliance frameworks.
Thanks & Regards
Ishita Bali
Novia Infotech LLC
4421 Avenida Ln, McKinney, TX 75070
Email: ishita.b@noviainfotech.com