Senior Application Security Pentester

June 12

🦀 Maryland – Remote

Although this job is listed in Maryland, this company may be open to hiring remote in other states.

💵 $85k - $165k / year

⏰ Full Time

🟠 Senior

🔧 QA Engineer (Quality Assurance)

Apply Now

Receive Emails with Similar Jobs

Independent Security Evaluators

WebsiteLinkedInAll Job Openings

Cybersecurity • Security

Independent Security Evaluators is a cybersecurity firm dedicated to building and enhancing secure technology solutions for a variety of industries. They specialize in conducting security assessments, vulnerability assessments, application security assessments, and penetration testing. Their capabilities extend to providing security consulting with an adversary-centric mindset to secure or compromise assets. ISE also offers consulting on secure design analysis, which focuses on identifying and fixing design-level flaws in systems. The company has a strong foundation in security research, contributing significant insights to areas like medical devices, IoT devices, and blockchain technology. Additionally, ISE offers training programs aimed at transferring security knowledge and best practices to developers and other stakeholders.

11 - 50 employees

🔒 Cybersecurity

🔐 Security

📋 Description

• Interface directly as a project lead, senior analyst, or in a scoping capacity • Mentor junior analysts throughout client assessments, research projects, findings reviews, and general professional and technical development • Perform hands-on security assessments and reviews on various pieces of technology including but not limited to: Web apps and APIs, Mobile apps, Networks, Cloud architecture and configuration, Source code analysis, Hardware and firmware • Create comprehensive assessment reports that clearly identify vulnerabilities, how they impact our client’s digital assets, and remediation strategies • Provide consultative advice to ISE’s clients regarding best practices, design guidance, new threats, policies and processes, etc. • Perform research and develop whitepapers/presentations/etc. regarding relevant research, security topics, tools and techniques driven by your areas of interest and expertise • Opportunity to participate in IoT Village

🎯 Requirements

• 4-6+ years in security consulting with a focus on application/software • Experience with programming and developing exploits • Familiarity with Unix command line tools and working in CLI environments • Skillset in the following: Web and desktop application security (Advanced), Cloud security and architecture (Advanced), Mobile application security (Basic) • Background in the following: Software vulnerability analysis, code analysis, and fuzzing; Reverse engineering through static and dynamic analysis; Analyzing cryptographic workflows; Analyzing network traffic • Experience interacting with clients in a consultative environment • Strong technical writing and oral communication skills • Public speaking experience • Desire to make things better: help our clients secure their products, help your colleagues grow and learn, self-motivated and always seeking improvement • Nice to have (but we can teach you!): Skillset in the following: IoT hardware security, Network security, Red Teamimg, AI security, Experience with digital rights management and digital watermarking, Experience with secure software development, Familiarity with industry standard security policies (SOC2, OWASP ASVA, GDPR, ISO 27001, PCI, NIST CSF, etc) and their practical applications, Experience assessing generative AI technologies and applications

🏖️ Benefits

• $0 health premium plan option, including spouse and family • Unlimited vacation • Flexible schedule, work from home options • Opportunities to research and publish, speak at major security events and conferences • Relaxed and fun environment: ditch the suit and tie, sit or stand at your desk or find a sofa • Everyone has a mentor, or two or three sometimes. We hold you and ourselves accountable for your advancement. You’ll learn directly from your mentor, your colleagues, resources vetted by the team, and at regular firetalk lunches by your peers – oh, and lunch is on us once a week in the office. You also have access to paid training, workshops, university courses, certification courses, and we’ll pay for the certs too. Want to learn a new skill that you aren’t currently using but want to? Great! Innovation is key–new technology is important.