Application Offensive Security Consultant

Waterfall Technology Consulting Partners

Remote Eligibility

Hybrid

Domain

Application Security

State

New Jersey

City

Jersey City

Job Description

Posted on:

November 18, 2024

Primary NIST Speciality

Securely Provision

NIST Sub-speciality

Risk Management

Seniority

Experienced

Salary ($K)

Summary and company overview

Summary Information about the Role

Being a member of the Application Security team, you will be part of the Technology Risk initiative to support offensive security assessments on applications and provide SME guidance to key projects.

The Application Offensive Security Consultant is responsible for providing technical direction and performing security assessment on applications. The person in this role should possess good understanding of application security testing, red team / adversarial engagements, and penetration testing and related development expertise to guide project initiatives to ensure security best practices are being used.

This is a temp to perm role
Employer requires 3 days a week onsite

Company Overview

WTCP is a dynamic and innovative staffing organization with a proven track record of success. We are dedicated to delivering results by connecting qualified industry professionals with suitable employment opportunities, facilitating a mutually beneficial relationship between job seekers and employers. We aim to foster positive and impactful interactions contributing to diversity, collaboration and excellence.

Responsibilities

Perform red teaming against applications and APIs.
Perform application threat hunting to evaluate risk to applications
Perform manual (non-automated) security testing of applications
Provide the vulnerability information in the predefined report format after performing the testing using manual methodology and tools
Generate reports on assessment findings and summarizes to facilitate remediation, document technical issues identified during security assessments
Be a subject matter expert and respond to any security engineering questions/requests related to Application Defense enhancements
Collaborate with Security Architects, Product Manager, Risk Managers, and other teams to deliver high quality product.
Note: Responsibilities of this role are not limited to the details above

Job Requirements

Required Qualifications

Minimum of 6 years of related experience
Bachelors Degree and/or equivalent experience

Preferred Qualifications

Minimum of 6 years of experience in application security testing
Minimum of 4 years of experience in conducting red teaming engagements
Minimum of 4 years of experience in application security testing tools such as Burp Suite Professional & Owasp Zap
Ability to test manually and live off of the land strategies
Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques
Understanding of MITRE Framework and adversarial methodologies
Ability to bypass controls and/or test countermeasures for misconfigurations
Ability to work under pressure, multitask and be flexible
Certified in OSCP or GWAPT or related offensive security/red teaming certification

Additional commentary

This is not a penetration testing role. It goes beyond the scope of a traditional pen test

Focused Skills: Application Security, Red Teaming

Waterfall Technology Consulting Partners LLC (WTCP) is an equal opportunity employer and welcomes candidates from all backgrounds to apply. If you are ready to take the next step in your career, please submit your resume today so that we can provide you with your pay package quote specific to your travel needs!

Summary and company overview

Summary Information about the Role

Being a member of the Application Security team, you will be part of the Technology Risk initiative to support offensive security assessments on applications and provide SME guidance to key projects.