Application Security Tester-Seattle WA
Salary undisclosed
Apply on
Original
Simplified
Job Title: Application Security Tester
Duration: 12-18 months
Location: Seattle, WA
Required Pay Scale: $60-$65hr - W2 ONLY, NO C2C
Job Summary:
As a Application Security Tester, you will be performing authorized security testing on some of the very complex, massive scale, and highly critical applications. You must be self-directed, able to work independently, as well as work in a team-oriented and fast paced environment.
You need to be aware of a varied application security domains like authentication, authorization, identity management, cryptography, etc. As part of a shift left focus, you will be working part of the development team along with developers to proactively identify any security vulnerabilities (OWASP Top 10, SANS Top 25, CWE) at the earliest before they are discovered late in cycle by InfoSec teams or in production. You will be working as a liaison between the Infosec team and development teams, understanding the security issues reported by central InfoSec teams to development teams to help them understand and fix them.
You require very good communication and presentation skills to be able to present your findings to Leadership/Management/Development teams to help them understand the Risk so that they can take informed decisions on mitigations, controls and residual risk. You need to be highly passionate in following the constantly changing threat landscape and familiarize with latest security vulnerabilities that impacts the teams.
Responsibilities:
Conduct web application security testing on the Bank applications and report the findings to Leadership / Management / Development teams
Understand the security issues reported by InfoSec teams and work with development teams to make them understand and fix.
Evangelize application security concepts within development community to help prevent the security vulnerabilities in first place.
Required Skills
Deep understanding of different web application technologies, web protocols (HTTP, HTTPS, etc.), browser technologies, etc.
In depth domain understanding of application security in terms of Identity and Access Management (IAM), different authentication technologies (passwords, biometrics, OTP, digital certificates & PKI, device authentication, FIDO U2F/Passkeys, etc.
Proven expertise on different security testing tools (Proxy tools like Fiddler, Black box security testing tools like Burp, Static Security Code analysis tools,
Deep understanding of different application security vulnerabilities such as OWASP Top 10, SANS Top 25, CWE, attack patterns (CAPEC), etc.
Bachelor's Degree in Computer Science or equivalent experience.
Must be self-directed, able to work independently, as well as work in a team-oriented and fast paced environment
Must Haves
Desired Skills:
Working experience on different security technologies and standards like Single Sign On (SSO) using SAML/OpenID, OAuth protocols, etc.
Good understanding of Cryptographic algorithms and standards like Symmetric/Assymetric crypto techniques, digital signatures, JWS/JWE tokens, Hardware Security Modules (HSMs), etc.
Understanding of Security vulnerabilities related to Cloud environments is an added advantage.
Well known Security certifications is an added advantage
Understanding of Threat Modelling concepts and Secure Development Life Cycle processes.
Mobile Application Security familiarity is desirable.
About Matlen Silver
Experience Matters. Let your experience be driven by our experience. For more than 40 years, Matlen Silver has delivered solutions for complex talent and technology needs to Fortune 500 companies and industry leaders. Led by hard work, honesty, and a trusted team of experts, we can say that Matlen Silver technology has created a solutions experience and legacy of success that is the difference in the way the world works.
Matlen Silver is an Equal Opportunity Employer and considers all applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, veteran status, the presence of a non-job-related medical condition or disability, or any other legally protected status.
If you are a person with a disability needing assistance with the application or at any point in the hiring process, please contact us at email and/or phone at: //
Duration: 12-18 months
Location: Seattle, WA
Required Pay Scale: $60-$65hr - W2 ONLY, NO C2C
Job Summary:
As a Application Security Tester, you will be performing authorized security testing on some of the very complex, massive scale, and highly critical applications. You must be self-directed, able to work independently, as well as work in a team-oriented and fast paced environment.
You need to be aware of a varied application security domains like authentication, authorization, identity management, cryptography, etc. As part of a shift left focus, you will be working part of the development team along with developers to proactively identify any security vulnerabilities (OWASP Top 10, SANS Top 25, CWE) at the earliest before they are discovered late in cycle by InfoSec teams or in production. You will be working as a liaison between the Infosec team and development teams, understanding the security issues reported by central InfoSec teams to development teams to help them understand and fix them.
You require very good communication and presentation skills to be able to present your findings to Leadership/Management/Development teams to help them understand the Risk so that they can take informed decisions on mitigations, controls and residual risk. You need to be highly passionate in following the constantly changing threat landscape and familiarize with latest security vulnerabilities that impacts the teams.
Responsibilities:
Conduct web application security testing on the Bank applications and report the findings to Leadership / Management / Development teams
Understand the security issues reported by InfoSec teams and work with development teams to make them understand and fix.
Evangelize application security concepts within development community to help prevent the security vulnerabilities in first place.
Required Skills
Deep understanding of different web application technologies, web protocols (HTTP, HTTPS, etc.), browser technologies, etc.
In depth domain understanding of application security in terms of Identity and Access Management (IAM), different authentication technologies (passwords, biometrics, OTP, digital certificates & PKI, device authentication, FIDO U2F/Passkeys, etc.
Proven expertise on different security testing tools (Proxy tools like Fiddler, Black box security testing tools like Burp, Static Security Code analysis tools,
Deep understanding of different application security vulnerabilities such as OWASP Top 10, SANS Top 25, CWE, attack patterns (CAPEC), etc.
Bachelor's Degree in Computer Science or equivalent experience.
Must be self-directed, able to work independently, as well as work in a team-oriented and fast paced environment
Must Haves
- Security specialization
- Manual/automation testing
- Testing for vulnerabilities
- Soap UI
- Black box, white box testing
- Agile experience
- Experience hacking web application and APIs
Desired Skills:
Working experience on different security technologies and standards like Single Sign On (SSO) using SAML/OpenID, OAuth protocols, etc.
Good understanding of Cryptographic algorithms and standards like Symmetric/Assymetric crypto techniques, digital signatures, JWS/JWE tokens, Hardware Security Modules (HSMs), etc.
Understanding of Security vulnerabilities related to Cloud environments is an added advantage.
Well known Security certifications is an added advantage
Understanding of Threat Modelling concepts and Secure Development Life Cycle processes.
Mobile Application Security familiarity is desirable.
About Matlen Silver
Experience Matters. Let your experience be driven by our experience. For more than 40 years, Matlen Silver has delivered solutions for complex talent and technology needs to Fortune 500 companies and industry leaders. Led by hard work, honesty, and a trusted team of experts, we can say that Matlen Silver technology has created a solutions experience and legacy of success that is the difference in the way the world works.
Matlen Silver is an Equal Opportunity Employer and considers all applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, veteran status, the presence of a non-job-related medical condition or disability, or any other legally protected status.
If you are a person with a disability needing assistance with the application or at any point in the hiring process, please contact us at email and/or phone at: //
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
