Web Application Penetration Tester

Remote Full-time
Black Lantern Security is a Services Oriented Company
• Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
• No one "mastermind"
• No "cult of personality"
• Competitive compensation and benefits
• Healthy work-life balance
• Project-based engagements that play to the team's strengths

Web Application Penetration Tester

Location: Remote

Required:
• Must be US citizen (must be willing to submit to federal, state, and local background checks and other requirements).
• Experience in performing penetration testing on enterprise networks, web applications, and mobile applications.
• Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.
• Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON).
• Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.
• Experience developing actionable intelligence based on open source intelligence (OSINT) gathering.
• Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
• Solid understanding of OWASP testing methodology.
• Familiarity with front-end web application frameworks (i.e. AngularJS, Bootstrap, etc).
• Capable of working effectively and efficiently with minimal supervision.
• Strong written and verbal English language skills.
• Demonstrated ability to:
• Adhere to the highest standards of honesty and scientific and business integrity.
• Think critically about complex problems and situations.
• Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).
• Develop novel attack vectors based on newly discovered vulnerabilities.
• Possess a basic understanding of regulatory standards and requirements including the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA).

Preferences:
• Web application development or source code review experience.
• Strong knowledge of Windows and Linux operating systems.
• Working knowledge of containerized applications and container-based security controls and configurations.Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)

Responsibilities:
• Conduct assessments of web applications, mobile applications, databases, client-side applications and tools, and APIs.
• Execute manual and automated code analysis to assess the quality and security of source code.
• Perform pre-assessment research and preparation including reconnaissance, documentation and configuration review, and customer interviews.
• Develop custom tools and exploits.
• Analyze security findings, including risk analysis and root cause analysis.
• Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigations.
• Develop and deliver walkthrough(s), proof(s) of concept (PoCs), articles, and formal presentations.
• Execute verification and validation testing for customer mitigations and fixes.

Apply tot his job

Apply To this Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Data Entry/Computer Operator (Work From Home)

Remote

**Experienced Remote Customer Service Specialist – Delivering Exceptional Experiences for blithequark Customers**

Remote

Senior Data Analyst - IntelliScript (Remote)

Remote

Remote Customer Care Associate - Immediate Start (Entry Level / No Prior Experience Required)

Remote

Cold Outreach Specialist (Business Development)

Remote

Manager-Account Development - Chicago

Remote

Walmart Careers Work From Home $25Hr Amazon Store

Remote

**Experienced Entry-Level Data Entry Specialist – Remote Opportunity with arenaflex**

Remote

Experienced Full Stack Customer Support Representative – Global Entertainment Industry

Remote

Workplace Operations Manager job at Vercel in New York, NY

Remote
← Back