Free Application Offensive Security Consultant

Published date: October 14, 2024
  • Location: New Jersey, United States



The Application Offensive Security Consultant will be a critical member of the Application Security team, contributing to the Technology Risk initiative. This role focuses on conducting offensive security assessments on applications while providing subject matter expert (SME) guidance to key projects. The ideal candidate should have a strong understanding of application security testing, red teaming, and penetration testing, equipped to guide project initiatives and ensure adherence to security best practices.

Compensation and Benefits

Competitive salary based on experience
Health benefits
Flexible working conditions

Why you should apply for this position today

This position offers the chance to work at the forefront of application security, providing opportunities to engage in meaningful security assessments. You will work collaboratively with various teams, enhancing your skills while contributing to significant projects that impact the organization.

Skills

Minimum of 6 years of experience in application security testing
At least 4 years of experience in conducting red teaming engagements
Proficiency with application security testing tools such as Burp Suite Professional and OWASP ZAP
Ability to perform manual security testing and utilize “live off the land” strategies
Strong understanding of vulnerabilities in OWASP Top 10 and SANS Top 25, along with effective defense techniques
Familiarity with the MITRE Framework and adversarial methodologies
Capability to bypass controls and test countermeasures for misconfigurations
Excellent multitasking and the ability to work under pressure
OSCP or GWAPT certification is a plus

Responsibilities

Perform red teaming against applications and APIs
Conduct application threat hunting to assess risks
Execute manual (non-automated) security testing of applications
Provide vulnerability information in predefined report formats following manual testing methodologies
Generate assessment reports and summarize findings for remediation, documenting technical issues identified during security assessments
Act as a subject matter expert in response to security engineering questions related to application defense enhancements
Collaborate with Security Architects, Product Managers, Risk Managers, and other teams to deliver high-quality products
Note: Responsibilities may extend beyond those listed above.

Qualifications

Minimum of 6 years of related experience
Bachelor’s Degree and/or equivalent experience
This is not a penetration testing role; it extends beyond traditional pen testing.

Education Requirements

Bachelor’s Degree in a related field or equivalent experience

Education Requirements Credential Category

Bachelor’s Degree

Experience Requirements

Minimum of 6 years of experience in application security testing
At least 4 years of experience in red teaming engagements
Proficiency with application security testing tools and methodologies

Why work in Jersey City, NJ

Jersey City offers a vibrant urban lifestyle with a close-knit community feel. The city is known for its beautiful waterfront views, diverse dining options, and easy access to New York City. With a growing technology sector, Jersey City is an excellent place for professionals in the tech field to thrive and connect with like-minded individuals.
Employment Type: Contractor

Education Level: Bachelor's degree

1. Do you have a minimum of 6 years of experience in application security testing

2. Do you have a minimum of 4 years of experience in conducting red teaming engagements

3. Do you have a minimum of 4 years of experience in application security testing tools such as Burp Suite Professional & Owasp Zap

4. Do you have the ability to test manually and “live off of the land strategies”

5. Do you have the ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques

6. Do you understanding of MITRE Framework and adversarial methodologies

7. Do you have the ability to bypass controls and/or test countermeasures for misconfigurations

8. Do you have the ability to work under pressure, multitask and be flexible

9. Are you Certified in OSCP or GWAPT or related offensive security/red teaming certification
10. Must be a US Citizen or Green Card holder.


Reference : Application Offensive Security Consultant jobs

Contact seller Share

Useful information

  • Avoid scams by acting locally or paying with PayPal
  • Never pay with Western Union, Moneygram or other anonymous payment services
  • Don't buy or sell outside of your country. Don't accept cashier cheques from outside your country
  • This site is never involved in any transaction, and does not handle payments, shipping, guarantee transactions, provide escrow services, or offer "buyer protection" or "seller certification"

Related listings

  • Mental Health and Relationship
    Mental Health and Relationship
    Technology - (New Jersey) - October 8, 2024 Free

    The Advanced Psychology Institute, a premier Mental Health and Relationship Clinic based in New Jersey, is seeking a licensed psychotherapist to join our team remotely. This part-time Therapist position offers the opportunity to transition to full-ti...

  • House Cleaner
    House Cleaner
    Technology - (New Jersey) - September 8, 2024 Free

    House Cleaner Job Description: As a House Cleaner at Mercer Cleaning Company, your role is essential in delivering high-quality cleaning services to both residential and commercial clients. Success in this position means consistently maintaining clea...

  • Software Developer
    Software Developer
    Technology - (New Jersey) - August 3, 2024 Free

    Job Description: Software Developer We are looking for a skilled Java Developer to join our dynamic team. The ideal candidate will possess a strong background in Java development and a passion for creating high-quality, scalable software solutions. A...

Comments

    Leave your comment (spam and offensive messages will be removed)