Epicareer Might not Working Properly
Learn More
Please Turn on your JavaScript

Epicareer might not working properly because your browser javascript is turned off.

What is JavaScript?

JavaScript is like the magic behind making websites interactive. Basically, it makes Epicareer more enjoyable and engaging.
How do i turn this on?
Find tutorial for your browser below :
  1. Make sure the webpage is open.
  2. In the Safari app on your Mac, choose Safari > Preferences, then click Security.
  3. Make sure the Enable JavaScript checkbox is selected.
  4. Click Websites.
  5. On the left, click Content Blockers.
  6. Make sure Off is chosen in the pop-up menu next to the website.
  7. On the left, click Pop-up Windows.
  8. Make sure Allow is chosen in the pop-up menu next to the website.
Visit Site here
  1. Open Chrome on your computer.
  2. Click. then Settings.
  3. Click Privacy and Security.
  4. Click Site settings.
  5. Click JavaScript.
  6. Select Sites can use Javascript.
Visit Site here
  1. If you're running Windows OS, in the Firefox window, click Tools > Options.
  2. Tip: If you're running Mac OS, click the Firefox drop-down list > Preferences.
  3. On the Content tab, click the Enable JavaScript check box.
Visit Site here
  1. Click the "Settings and more" icon at the top right of the Edge browser window.
  2. Click Settings.
  3. From the Settings menu, click Cookies and site permissions.
  4. Scroll down and click on JavaScript.
  5. In the JavaScript window, toggle the slider to "on" or "allowed."
  6. Close the Settings tab.
  7. Refresh the page.
Visit Site here
  1. Go to Settings.
  2. Click Advanced in the left sidebar, and click Privacy & security.
  3. Under Privacy and security, click Site settings.
  4. Click JavaScript.
  5. At the top, turn on or off Allowed (recommended).
Visit Site here
Any Question? Contact us
logo
Jobs or company...

Lead Application Penetration Tester

Salary undisclosed

Apply on

Dice

Availability Status

This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.

Original
Simplified

Job Description

Job Description

Lead Application Penetration Tester

Onsite / Washington, DC

Job Overview

Our client is seeking a highly skilled and experienced Lead Application Penetration Tester to join their dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to identify and mitigate vulnerabilities. The successful candidate will play a critical role in ensuring the security of our applications and guiding our security testing and vulnerability triage.

As a lead, you will oversee a comprehensive security assessment of a cloud-native, microservices-based architecture. Your focus will be on web and mobile applications, cloud security testing, adversary emulation, and continuous security posture improvement. You will mentor junior team members and lead the development of security strategies and best practices.

You will leverage your expertise in application security, utilizing tools such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to perform both static and dynamic source code reviews. Additionally, you will employ threat modeling and threat actor attack pathing to continually validate the effectiveness of the customers security controls.

The primary goal is to ensure that the security controls implemented by the organization are functioning as intended. By doing so, you will enhance the overall security defenses and collaborate with global development teams to maintain the ongoing security of the globally adopted application.

Job Description Highlights

Leadership and Mentorship:

  • Lead and mentor a team of penetration testers, providing guidance and support to ensure high-quality security assessments.

Security Testing of Developer Operationsand Mobile Apps:

  • Conduct and oversee thorough security testing of developer operations and mobile applications (iPhone and Android).
  • Identify security issues and vulnerabilities.

Source Code Reviews:

  • Perform and supervise in-depth source code reviews to identify security flaws or weaknesses.

Executing Tests/Assessments and Drafting Reports:

  • Execute and oversee detailed assessments, compile findings into reports, and present actionable recommendations to stakeholders.

Strategy Development:

  • Develop and implement security testing strategies and best practices to enhance the organizations security posture.

Collaboration:

  • Collaborate with global development teams to maintain the ongoing security of the globally adopted application.

Required Skills and Experience:

  • Bachelors degree in computer science, Software Engineering, or related field, or equivalent job experience.
  • Professional certifications such as GWAPT (GIAC Web Application Penetration Tester), OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar.
  • 5-7 years of experience in application security testing and source code review with at least 2 years in a leadership role.
  • Proficiency in multiple programming languages and understanding of secure coding practices.
  • Strong analytical skills and attention to detail for identifying vulnerabilities.
  • Testing Developer Flows and Mobile Apps: Conducts thorough security testing of developer workflows and mobile applications (for both iPhone and Android platforms), identifying security issues and vulnerabilities.
  • Conducting Source Code Reviews: Performs in-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications.
  • Executing Tests/Assessments and Drafting Reports: Executes detailed assessments and compiles findings into reports for further review and action.

Tools and Technologies:

Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault.

Benefits

Beyond a role, joining OnDefend means becoming part of a community dedicated to making a difference. Our client offers:

Health and Wellness

  • Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.

Financial Benefits

  • Health Insurance: Comprehensive health insurance plans covering medical, dental, and vision.
  • 401(k) Matching: Company matches contributions to the 401(k) retirement plan up to a certain percentage.

Work-Life Balance

  • Generous Paid Time Off (PTO): Including vacation days, sick leave, and holidays to help you recharge and spend time with loved ones.

Professional Development

  • Training and Development: Access to professional development programs, workshops, and certifications.
  • Tuition Reimbursement: Financial support for further education and courses related to the job.
  • Career Growth Opportunities: Clear career progression paths and opportunities for promotion.

Company Culture

  • Inclusive Environment: A diverse and inclusive workplace where all employees feel valued.
  • Team Building Activities: Regular team-building events and social gatherings.

Additional Perks

  • Technology and Tools: Access to the latest technology and tools needed to perform the job effectively.

#LI-PS1

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job
Similar Jobs

1d ago

Senior Test Analysts
Aroha Technologies
A
United States of America

Full Time, onsite, onsite

Salary undisclosed