Application Security Penetration Tester – Hybrid – Contract-to-Hire A large financial services organization is seeking an Application Security Penetration Tester for a hybrid, contract-to-hire position. This role supports the organization’s Technology Risk initiative by delivering offensive security assessments and guiding secure development across key projects. Join our Application Security team as part of our broader Technology Risk initiative. As an Application Security Penetration Tester, you’ll lead offensive security assessments, perform hands-on testing of applications and APIs, and provide expert guidance on key projects. Your goal: identify vulnerabilities before attackers do, and help build more secure software across the enterprise. Key Responsibilities Conduct offensive security testing on applications, APIs, and services. Perform targeted threat hunting to identify potential risks in application environments. Execute manual penetration testing beyond standard automated scans. Document and communicate vulnerabilities using a defined reporting format. Summarize assessment findings and support remediation efforts. Provide subject matter expertise on secure application design and defensive techniques. Collaborate with Security Architects, Product Managers, and Risk teams to ensure secure delivery across products. What You’ll Bring 6+ years of experience testing web applications for security vulnerabilities. 4+ years of hands-on experience with tools such as Burp Suite , OWASP ZAP , or similar. Strong manual testing skills and the ability to identify OWASP Top 10 issues without relying on scanners. Familiarity with adversarial methodologies and the MITRE ATT&CK Framework . A Bachelor’s degree or equivalent experience. Strong communication skills and the ability to work across multiple teams and priorities. Bonus Skills (Nice to Have) Exposure to penetration testing or red teaming methodologies. Participation in Capture The Flag (CTF) events or hands-on training platforms like TryHackMe or HackTheBox . Experience completing advanced security courses or labs. Interest in continuous learning and staying current on security trends. Note: Certifications (e.g., OSCP, OSWE, GPEN) are appreciated but not required . Why Join Us? You'll work in a collaborative, security-focused environment where your skills directly impact the safety and integrity of critical applications. If you're passionate about offensive security and enjoy digging deep into real-world risks, we’d love to hear from you. Flexible work from home options available. #J-18808-Ljbffr Synergistic Systems Inc
...Job Title: Senior Ivanti Connect Secure Consultant / Senior Network Security Engineer Company: Recruiting on behalf of our client Location: New York, NY (Hybrid - 80% Remote, 20% On-site) Job Type: Contract, Full-time Duration: Approximately 3 Months (...
...Job Description Job Description *** MUST HAVE 1+ YEARS OF EXPERIENCE -- MUST SPEAK GREEK *** Job Summary:We are seeking a compassionate Caregiver to join our team. The Caregiver will provide assistance to individuals in their daily living activities, ensuring their...
...insurance ~ Health insurance ~ Paid time off ~ Vision insurance Were seeking a detail-oriented and versatile Copywriter/Editorial Assistant to join our company, a leader in continuing education for financial professionals. This role blends copywriting with...
...clinic setting through integrated team-based behavioral health care delivery model. ~ Option to support Adult Mental Health Partial... ...programs, outpatient behavioral health clinic, and primary care-behavioral health integration. Other members of the team...
...receive an alert:Work with us Title: Principal Consultant - Tech & Impl - L1 Requisition ID: 74879City: MinneapolisCountry/Region: USWipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative...