Logo
Tevora

Information Security Consultant (Mobile and Web Application Penetration)

Tevora, Fairfax, Virginia, United States, 22032


Information Security Consultant (Mobile and Web Application Penetration)

About Us

Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.

About The Role

Tevora is looking for a talented and experienced professional to join our Penetration Testing team. The right candidate will have technical proficiency, experience in Application Penetration Testing or related fields, and a passion for information security. In this position, you will analyze and attack our clients' networks, API, and web applications to ensure they are secured against the latest threats.

This is a growth-oriented role within Tevora's consulting team and you will be expected to provide thought leadership to the overall practice through meaningful client work, security community involvement, as well as continuing education.

Essential Functions

Perform application penetration testing, including fuzzing, application logic testing, and source code analysis.Perform mobile application testing on iOS and Android platforms.Produce high-quality penetration testing reports for client executives and technical personnelPresent the results of penetration testing activities, including an explanation of findings and recommended remediationsWork directly with clients over phone, email, and chat to kickoff projects, answer technical questions, and debrief penetration test findingsIdentify and implement improvements to testing processes and methodologiesPerform research and tool development to support and advance Tevora's practice.Qualifications

Ability to learn and willingness to be challenged.Proficiency with Burp Suite and/or ZAP.Experience with the theory and usage of penetration testing frameworks such as OWASP Testing Guide v4, Web App Hackers Handbook NIST or PTESKnowledge and understanding of security engineering basics including but not limited to a system and network security, authentication and security protocols, cryptography, mobile and web application securityExperience using various penetration testing and analysis tools (such as IDA, Ghidra, Drozer, Frida, Cycript, NMAP, MobSF, Nessus, Cobalt Strike, Burp Suite, ZAP, Metasploit, Rubeus, BloodHound etc.) on Windows, Linux, iOS, and AndroidKnowledge of scripting languages (such as, Python, Ruby, Perl, Bash, VB/WScript, PowerShell, etc.)Experience with web frameworks and source code reviewProgramming experience with C++, C, C#, Go, Python, Java, Kotlin, Objective C, Swift, or JavaScript preferredHardware hacking experience is a bonus (JTAG, NAND dumping, finding your way around a board with a multimeter)Abilities

Excellent written and verbal communication, multi-tasking, time management, and analytical abilitiesDynamic, enthusiastic attitude with the ability to make concrete progress in the face of ambiguity with a strong sense of ownership, urgency, and drive.Education and Experience

Minimum of 2-3 years of professional experience performing mobile or web application penetration tests or similar technical consulting experience.Industry certifications (e.g. OSCP, OSCE, GWAPT, GPEN, GXPN, OSWE, or other) or Bachelor's Degree in a related fieldAdditional Qualifications:

Valid driver's license as driving will be required in this roleEligible to work in the United StatesBenefits:

Comprehensive Healthcare Benefits401k w/ Employer MatchingPaid VacationsPaid HolidayVibrant Work Culture

Tevora is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.