Conduct application penetration testing across browser-based/web applications, APIs, and mobile applications using manual techniques and automated tools.
Configure and optimize testing tools to enhance coverage and efficiency.
Reproduce, validate, and demonstrate security vulnerabilities, including chained attack paths when applicable.
Create detailed technical reports with evidence, impact analysis, and remediation guidance.
Collaborate with application and security teams to prioritize and address identified vulnerabilities effectively.
What's Needed?
At least 2 years of hands-on application penetration testing experience, with a focus on manual testing methods.
Experience with Dynamic Application Security Testing (DAST) tools, including configuration and manual verification of findings.
Proficiency in testing web, API, and mobile applications, with knowledge of security vulnerabilities (OWASP Top 10).
Strong problem-solving skills and the ability to analyze complex security issues.
Excellent communication skills to effectively share findings with technical and non-technical stakeholders.