Application Security Tester and Source Code Review

Onsite / Washington, DC

Our client is seeking a Application Security Tester and Source Code Review professional to join a great team! This role is tailor-made for someone who brings passion, expertise, and a visionary outlook to the table—someone who is ready to drive projects that redefine what's possible in cybersecurity.

Job Summary

• Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
• Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
• Executing Tests/Assessments and Drafting Reports: Similar to the Red Team, executes detailed assessments and compiles findings into reports for further review and action. 

Required Qualifications

• Bachelor’s degree in Computer Science, Software Engineering, or related field.
• Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
• 3+ years of experience in application security testing and source code review.
• Proficiency in multiple programming languages and understanding of secure coding practices.
• Strong analytical skills and attention to detail for identifying vulnerabilities.
• Proficiency with the following tools is required:
• Checkmarx
• Synopsis
• Corellium
• Burb Suite Pro
• Acunetix
• VeraCode
• SAST & DAST Tools
• Plextrac
• Mandiant 
• Cobalt Strike
• Cloud security (AWS / Azure / Oracle
• Postman
• SmartBear Ready
• API and SoapUI
• Hashicorp Vault

#LI-PS1