Application Offensive Security Consultant
- Country: United States
- Region: New Jersey
The Application Offensive Security Consultant will be a critical member of the Application Security team, contributing to the Technology Risk initiative. This role focuses on conducting offensive security assessments on applications while providing subject matter expert (SME) guidance to key projects. The ideal candidate should have a strong understanding of application security testing, red teaming, and penetration testing, equipped to guide project initiatives and ensure adherence to security best practices.
Compensation and Benefits
Competitive salary based on experience
Health benefits
Flexible working conditions
Why you should apply for this position today
This position offers the chance to work at the forefront of application security, providing opportunities to engage in meaningful security assessments. You will work collaboratively with various teams, enhancing your skills while contributing to significant projects that impact the organization.
Skills
Minimum of 6 years of experience in application security testing
At least 4 years of experience in conducting red teaming engagements
Proficiency with application security testing tools such as Burp Suite Professional and OWASP ZAP
Ability to perform manual security testing and utilize live off the land strategies
Strong understanding of vulnerabilities in OWASP Top 10 and SANS Top 25, along with effective defense techniques
Familiarity with the MITRE Framework and adversarial methodologies
Capability to bypass controls and test countermeasures for misconfigurations
Excellent multitasking and the ability to work under pressure
OSCP or GWAPT certification is a plus
Responsibilities
Perform red teaming against applications and APIs
Conduct application threat hunting to assess risks
Execute manual (non-automated) security testing of applications
Provide vulnerability information in predefined report formats following manual testing methodologies
Generate assessment reports and summarize findings for remediation, documenting technical issues identified during security assessments
Act as a subject matter expert in response to security engineering questions related to application defense enhancements
Collaborate with Security Architects, Product Managers, Risk Managers, and other teams to deliver high-quality products
Note: Responsibilities may extend beyond those listed above.
Qualifications
Minimum of 6 years of related experience
Bachelors Degree and/or equivalent experience
This is not a penetration testing role; it extends beyond traditional pen testing.
Education Requirements
Bachelors Degree in a related field or equivalent experience
Education Requirements Credential Category
Bachelors Degree
Experience Requirements
Minimum of 6 years of experience in application security testing
At least 4 years of experience in red teaming engagements
Proficiency with application security testing tools and methodologies
Why work in Jersey City, NJ
Jersey City offers a vibrant urban lifestyle with a close-knit community feel. The city is known for its beautiful waterfront views, diverse dining options, and easy access to New York City. With a growing technology sector, Jersey City is an excellent place for professionals in the tech field to thrive and connect with like-minded individuals.
Employment Type: Contractor
Education Level: Bachelor's degree
1. Do you have a minimum of 6 years of experience in application security testing
2. Do you have a minimum of 4 years of experience in conducting red teaming engagements
3. Do you have a minimum of 4 years of experience in application security testing tools such as Burp Suite Professional & Owasp Zap
4. Do you have the ability to test manually and live off of the land strategies
5. Do you have the ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques
6. Do you understanding of MITRE Framework and adversarial methodologies
7. Do you have the ability to bypass controls and/or test countermeasures for misconfigurations
8. Do you have the ability to work under pressure, multitask and be flexible
9. Are you Certified in OSCP or GWAPT or related offensive security/red teaming certification
10. Must be a US Citizen or Green Card holder.
Reference : Application Offensive Security Consultant jobs