Penetration Testing Specialist
Tasks
- Assess mobile application security
- Assess web application security
- Audit JWT implementations
- Audit OAuth 2.0
- Audit OIDC implementations
- Build executive and technical reports
- Conduct application security code reviews
- Design Purple Team exercises
- Execute penetration tests
- Generate security evidence for compliance
- Handle secrets securely
- Manage bug bounty program
- Operate IaC scanning
- Operate appsec toolchain DAST
- Operate appsec toolchain SAST
- Operate appsec toolchain SCA
- Operate secrets scanning
- Perform signed webhook security testing
- Plan penetration tests
- Review authorization flaws
- Review concurrency and race conditions
- Review financial logic bugs
- Review input validation
- Review webhook signatures
- Run bug bashes
- Run business logic vulnerability testing
- Run internal CTFs
- Run threat modeling program
- Secure partner integrations
- Test API security
- Test cloud infrastructure security
- Test internal network security
- Test rate limiting and idempotency
- Track findings to closure
Perks/Benefits
- N/A
Skills/Tech-stack
API Security | API Security Top 10 | Application Security | BFLA | BOLA | CORS | CORS SameSite | CSP | CVSS | Cloud Security | DAST | Deserialization | Frida | Fuzzing | IaC scanning | ISO 27001 | Idempotency | JWT | LINDDUN | MITRE | MITRE ATLAS | Mass Assignment | MobSF | Mobile Application Security | Mobile application | NIST | OAuth 2 | OAuth 2.0 | OIDC | OWASP API | OWASP API Security | OWASP API Security Top 10 | OWASP ASVS | OWASP MASTG | OWASP Top | OWASP Top 10 | OWASP WSTG | Objection | PASTA | PKCE | PTES | Penetration Testing | Prototype Pollution | Race conditions | Rate Limiting | SAST | SCA | SSL Pinning | SSL pinning bypass | SSRF | STRIDE | Secrets Scanning | Signed Webhooks | Template Injection | Threat modeling | Top 10 | Web Application | Web application security
Education
N/A