Senior Application Security Consultant
Do you have a strong experience with web and mobile application development and application security assessments? Do you understand a wide range of technologies, programming languages and application frameworks to identify risks and vulnerabilities in customer systems? Do you want to work with a team of application security experts conducting security assessments, penetration testing, research, and consulting?
Security Professional Services Inc. (Security PS) is seeking motivated and dedicated professionals to join our team. We have an immediate position open for a Senior Application Security Consultant, which is an experienced role that leads and conducts complex, nonstandard application security testing, leads and trains multiple team members on engagements, and assists in the ongoing development of the practice. Our senior consultants lead teams to conduct application-layer security assessments, penetration tests, and conduct research in this important field. Our team sees a variety of web technologies including single page applications (SPAs), Android and iOS applications, SOAP and REST services, desktop applications, OAuth implementations, single sign-on, custom network protocols, and more. We get to do reverse engineering of .NET, Java, Android, and other common platforms as part of engagements. You will train and support other consultants in gaining the skills required to test these applications thoroughly.
As a Senior Application Security Consultant, you will be expected to be able to assess complex applications on day one as well as demonstrate superior consulting, project leadership, communication, and writing skills.
Responsibilities:
• Consult with technical and non-technical client stakeholders
• Lead projects as well as train less experienced consultants and make them successful on projects
• Take on new technologies that are unfamiliar, research them, and perform a comprehensive assessment on that component
• Apply testing methodologies and tools to perform penetration testing and assessments on complex applications.
• Maintain application development knowledge and skills to support Security PS methods, services, and consultative value.
• Lead assessment engagements according to our defined methodology, collaborating with the team for support, and taking ownership of the result.
• Manages priorities and tasks to achieve utilization targets.
• Participate in research and development efforts to improve Security PS practices and team skills.
• Manage personal work time with little supervision while meeting internal and external client deliverable deadlines.
• Collaborates with senior consultants and sales to assist in scoping efforts for incoming sales requests and deliverables.
Qualifications:
• Demonstrable knowledge of:
• * Extensive experience performing manual penetration testing and assessments on web applications, Single Page Applications, Mobile Applications, Desktop Applications, Web Services (SOAP & REST), and OAuth implementations.
• Ability to reverse engineer Java, .NET, and Android applications.
• Able to write deliverable reports, including executive summaries and presentations, and status reports for clients
• Proficient at using Burp Suite Professional to manually identify and exploit vulnerabilities
• Excellent project management, leadership, time management, and client consulting skills
• Passing knowledge of:
• * General networking principles and IT administration basics.
• Encryption methods, disciplines and technologies
• Technical management and IT business concepts.
• Education:
• * Direct work experience performing application penetration testing or assessments; ability to begin testing immediately with guidance on Security PS’s specific methodology
Position Details:
• Focus: Application Security Testing and Consulting
• Location: Remote work position, with Kansas City HQ
• Type: Full Time Employee
• Travel Profile: Low travel requirements
• Great Benefits, Including:
• * Health/Dental/Vision
• Retirement contribution
• Healthy Living Program
• Paid Time Off program
Apply tot his job
Apply To this Job
Security Professional Services Inc. (Security PS) is seeking motivated and dedicated professionals to join our team. We have an immediate position open for a Senior Application Security Consultant, which is an experienced role that leads and conducts complex, nonstandard application security testing, leads and trains multiple team members on engagements, and assists in the ongoing development of the practice. Our senior consultants lead teams to conduct application-layer security assessments, penetration tests, and conduct research in this important field. Our team sees a variety of web technologies including single page applications (SPAs), Android and iOS applications, SOAP and REST services, desktop applications, OAuth implementations, single sign-on, custom network protocols, and more. We get to do reverse engineering of .NET, Java, Android, and other common platforms as part of engagements. You will train and support other consultants in gaining the skills required to test these applications thoroughly.
As a Senior Application Security Consultant, you will be expected to be able to assess complex applications on day one as well as demonstrate superior consulting, project leadership, communication, and writing skills.
Responsibilities:
• Consult with technical and non-technical client stakeholders
• Lead projects as well as train less experienced consultants and make them successful on projects
• Take on new technologies that are unfamiliar, research them, and perform a comprehensive assessment on that component
• Apply testing methodologies and tools to perform penetration testing and assessments on complex applications.
• Maintain application development knowledge and skills to support Security PS methods, services, and consultative value.
• Lead assessment engagements according to our defined methodology, collaborating with the team for support, and taking ownership of the result.
• Manages priorities and tasks to achieve utilization targets.
• Participate in research and development efforts to improve Security PS practices and team skills.
• Manage personal work time with little supervision while meeting internal and external client deliverable deadlines.
• Collaborates with senior consultants and sales to assist in scoping efforts for incoming sales requests and deliverables.
Qualifications:
• Demonstrable knowledge of:
• * Extensive experience performing manual penetration testing and assessments on web applications, Single Page Applications, Mobile Applications, Desktop Applications, Web Services (SOAP & REST), and OAuth implementations.
• Ability to reverse engineer Java, .NET, and Android applications.
• Able to write deliverable reports, including executive summaries and presentations, and status reports for clients
• Proficient at using Burp Suite Professional to manually identify and exploit vulnerabilities
• Excellent project management, leadership, time management, and client consulting skills
• Passing knowledge of:
• * General networking principles and IT administration basics.
• Encryption methods, disciplines and technologies
• Technical management and IT business concepts.
• Education:
• * Direct work experience performing application penetration testing or assessments; ability to begin testing immediately with guidance on Security PS’s specific methodology
Position Details:
• Focus: Application Security Testing and Consulting
• Location: Remote work position, with Kansas City HQ
• Type: Full Time Employee
• Travel Profile: Low travel requirements
• Great Benefits, Including:
• * Health/Dental/Vision
• Retirement contribution
• Healthy Living Program
• Paid Time Off program
Apply tot his job
Apply To this Job