KLM Careers
Application Offensive Security Consultant
KLM Careers, Jersey City, New Jersey, United States, 07390
The Application Offensive Security Consultant will be a critical member of the Application Security team, contributing to the Technology Risk initiative. This role focuses on conducting offensive security assessments on applications while providing subject matter expert (SME) guidance to key projects. The ideal candidate should have a strong understanding of application security testing, red teaming, and penetration testing, equipped to guide project initiatives and ensure adherence to security best practices.
Compensation and Benefits
Competitive salary based on experience
Health benefits
Flexible working conditions
Why you should apply for this position today
This position offers the chance to work at the forefront of application security, providing opportunities to engage in meaningful security assessments. You will work collaboratively with various teams, enhancing your skills while contributing to significant projects that impact the organization.
Skills
Minimum of 6 years of experience in application security testing
At least 4 years of experience in conducting red teaming engagements
Proficiency with application security testing tools such as Burp Suite Professional and OWASP ZAP
Ability to perform manual security testing and use living-off-the-land strategies
Strong understanding of vulnerabilities in OWASP Top 10 and SANS Top 25, along with effective defense techniques
Familiarity with the MITRE Framework and adversarial methodologies
Capability to bypass controls and test countermeasures for misconfigurations
Excellent multitasking skills and the ability to work under pressure
OSCP or GWAPT certification is a plus
Responsibilities
Perform red teaming against applications and APIs
Conduct application threat hunting to assess risks
Execute manual (non-automated) security testing of applications
Provide vulnerability information in predefined report formats following manual testing methodologies
Generate assessment reports and summarize findings for remediation, documenting technical issues identified during security assessments
Act as a subject matter expert in response to security engineering questions related to application defense enhancements
Collaborate with Security Architects, Product Managers, Risk Managers, and other teams to deliver high-quality products
Note: Responsibilities may extend beyond those listed above.
Qualifications
Minimum of 6 years of related experience
Bachelor's degree and/or equivalent experience
This is not a penetration testing role; it extends beyond traditional pen testing.
Education Requirements
Bachelor's degree in a related field or equivalent experience
Experience Requirements
Minimum of 6 years of experience in application security testing
At least 4 years of experience in red teaming engagements
Proficiency with application security testing tools and methodologies
Employment Type: Contractor
Education Level: Bachelor's degree
Additional Requirements
Must be a US Citizen or Green Card holder.