Application Penetration Tester (APT)

As a Level 2 Application Penetration Tester (APT) with 6 years of experience, your role will involve conducting application penetration testing across web, mobile, and API platforms. You will be responsible for identifying, analyzing, and validating vulnerabilities using manual and automated methods. Utilizing tools like BurpSuite Professional and other industry-standard tools, you will perform security assessments and create detailed penetration testing reports with remediation steps. Your communication skills will be crucial as you will be conducting stakeholder meetings to present findings and provide actionable recommendations. It is essential to ensure compliance with OWASP Top 10, SANS 25, and other secure coding guidelines and collaborate with development, DevOps, and infrastructure teams for timely issue resolution. Staying updated with the latest attack techniques, security tools, and best practices is also expected. Key Responsibilities: - Perform application penetration testing across web, mobile, and API platforms. - Identify, analyze, and validate vulnerabilities using manual and automated methods. - Utilize BurpSuite Professional and other industry-standard tools for security assessments. - Create detailed penetration testing reports with remediation steps. - Conduct stakeholder meetings to present findings and provide actionable recommendations. - Ensure compliance with OWASP Top 10, SANS 25, and other secure coding guidelines. - Collaborate with development, DevOps, and infrastructure teams for issue resolution. - Stay updated with the latest attack techniques, security tools, and best practices. Qualifications Required: - Strong knowledge of application security testing methodologies. - Mandatory skills in WebApp, API, and Mobile (IOS and Android). - Hands-on expertise with BurpSuite Professional and other scanning tools. - Familiarity with common programming languages like Java, C#, Python, JavaScript. - Excellent communication skills for stakeholder interaction and report presentation. - Strong analytical and problem-solving skills with attention to detail. Certifications Required: - Candidate must hold at least one industry-leading certification in the application security testing domain, such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), SANS 25, LPT (Licensed Penetration Tester), CEPT (Certified Expert Penetration Tester), or equivalent recognized certification. In this role, you will have the opportunity to work on high-visibility application security projects, gain exposure to web, mobile, and API testing using leading tools and frameworks, enhance both technical and presentation skills through direct stakeholder interaction, and contribute to strengthening enterprise security posture during the fixed-term contract with competitive compensation.,