Insight Global’s client is looking for an Application Security Penetration Tester to join their team in Washington, DC. This person will work closely in a team of 5 individuals doing source code review and penetration testing to identify any security concerns or vulnerabilities within mobile applications. You will be testing security within a microservices based environment and performing some red team responsibilities. Also, you will be responsible for conducting assessments and providing documentation of the findings.
Required Skills and Experience
- 4+ years of experience conducting manual Source Code reviews.
- Experience with automated testing tools for SAST (Static Application security Testing), DAST (dynamic Application security Testing), and SCA (software Composition Analysis). Example tools: Checkmarx, Burp Suite Pro, Plextrac, Veracode, Hashicorp Vault
- 4+ years of experience with hands on manual penetration testing. Example tools: Synopsis, Veracode
- Experience with web application and API testing. Example tools: Postman, SmartBear, SoapUI
- Experience with mobile testing (ios and android) with tools such as Corellium or similar
- Experience testing within a cloud environment
- Proficient reading and/or coding in multiple programming languages
- Excellent verbal & written communication as this person will be reporting findings to various stakeholders.
Nice to Have Skills and Experience
- Bachelors degree in computer science or related field
- Security certifications such as: GWAPT, CEH, OSCP
