Web Application Penetration Tester - Mobile

Equifax is looking for a Mobile Web Application Penetration Tester to join our cybersecurity team. As a Mobile Web Application Penetration Tester you will be responsible for assessing the security posture of mobile applications across various platforms, identifying vulnerabilities, and providing recommendations for remediation. You will work closely with our senior penetration testers to conduct thorough security assessments and contribute to the enhancement of our clients' mobile application security.

What you’ll do

• Under supervision from leadership, utilize a defined methodology to conduct security assessments of mobile web applications on Android and iOS platforms
• Perform manual and automated mobile web application penetration testing to identify security vulnerabilities that align with the  OWASP Mobile Top 10
• Document findings, including detailed descriptions of vulnerabilities and recommended remediation steps
• Collaborate with development teams to ensure vulnerabilities are addressed effectively
• Stay updated on the latest mobile security trends, vulnerabilities, and exploitation techniques
• Provide support in creating security guidelines and best practices for mobile application development

What experience you need

• 3+ years of experience in cyber security.
• 1+ years of experience in mobile penetration testing of web applications and API’s, including strong understanding of mobile application development concepts and architectures for both Android and iOS platforms.
• 1+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP).
• 1+ years of experience and knowledge of common security vulnerabilities and attack vectors specific to mobile applications.
• 1+ years of programming languages experience such as Java, Kotlin, Objective-C, or Swift.
• Fully bilingual in Spanish/English; proficiency level B2 or higher (Belt) 

What could set you apart

• Relevant certifications such as Certified Mobile Application Security Tester (CMAS), Certified Secure Mobile Developer (CSMD), or similar are a plus.
• Eagerness to learn and stay updated on emerging mobile security trends and technologies.
• Ability to work effectively in a team environment and communicate technical concepts clearly.
• Development skills - Python preferred.
• Ability to work independently.
• Ability to explain technical concepts at different levels.
• Excellent problem-solving skills and attention to detail.
• Strong communication, both verbal and written.
• Ability to work effectively in a team environment and communicate technical concepts clearly.
• Eagerness to learn and stay updated on emerging mobile security trends and technologies.

Primary Location:

CRI-Sabana

Function:

Function - Security Governance and Compliance

Schedule:

Full time