Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Application Security Pen Tester

N

NowSecure

Application Security Pen Tester

Vienna, VA
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

    APPLICATION SECURITY ANALYST & PEN TESTER

    Come join NowSecure on our mission to save the world from unsafe mobile apps!

    As a cyber security innovator, we are the leader in Mobile Application Security Testing. _WE LITERALLY WROTE THE BOOK ON MOBILE APP FORENSICS AND TESTING.  _NowSecure offers a platform that protects users, devices, apps and enterprises. We are proud to have 100+ customers that include some of the largest banks and corporations across industries such as finance, defense and healthcare.

    We were founded with a mobile-only focus and a strong DNA in forensics and enterprise security. Currently, we have authored five technical books on mobile security for Android and iOS with multiple patents pending. Our engineers and researchers believe in creating conversations and supporting the community, so we build and share open source tools.

    Who you are:

    This highly technical position serves an important role in conducting analysis on critical mobile applications and subject matter consulting. In this role, your primary focus is the analysis of mobile threats and weaknesses that could compromise individuals or organizations and ascertain overall risk. You’ll be able to use your creativity to research and test for emerging threats in the evolving mobile and IoT-connected application space in close collaboration with other subject matter experts.

    The ideal candidate is searching for a company that will grant opportunities to learn and increase autonomy. The candidate should feel comfortable working at a company focused on applied research and product development. This is a technical position that presents opportunity to do research, present at or attend conferences, and career advancement.

    Role description:

    • Research mobile operating systems and applications to identify vulnerabilities
    • Utilize hacking and penetration testing techniques to target mobile apps and web services to test their security
    • Examine transmitted and stored data for personally identifiable information (PII) and/or mobile application artifacts
    • Identify key strategies for remediation of vulnerabilities
    • Present specific intelligence on the data risk profile of applications when in actual use
    • Communicate about security with both end users and technical audiences
    • Continuously monitor the state of the mobile security industry with an eye towards innovation
    • Work with our R&D team to assure continuous upgrades to existing offerings and the development of new cutting edge mobile security solutions
    • Work in an agile and expedited project structure
    • Understand the strengths and weaknesses of security related to mobile apps, devices and operating systems with a specialization and depth in Android

    Key Qualifications:

    • Experience with cyber security, mobile security, mobile development or computer forensics
    • Experience with vulnerability assessment, penetration testing, security audit, ethical hacking, malware analysis, etc
    • Bachelor’s Degree in Computer Science, Computer or Electrical Engineering, Computer/Information Security or equivalent experience
    • Applicable Certifications include: CISSP, OSCP, CHFI, CEH, GPEN, GWAPT
    • Strong communication skills and a high level of professionalism
    • Fluency in written and spoken English
    • Ability to work independently and with a team

    Preferred:

    • Familiarity with SAST, DAST, and IAST tools.
    • Familiarity with tools such as Burp Suite, Frida, Radare, Ghidra, IDA Pro, 
    • Be familiar with industry standards as they relate to mobile, such as OWASP, CWE’s, and CVSS.
    • Experience with reverse engineering
    • Experience with cloud security (Azure, AWS, Google Cloud, etc)
    • Experience conducting web security testing

    What we offer:

    • Competitive Salary and incentive pay
    • Equity
    • Comprehensive Medical/Dental/Vision coverage
    • Flexible spending accounts for Medical, Childcare and Transportation
    • Company paid STD, LTD and Life
    • 401K Plan with Company Match
    • Unlimited PTO

    DO YOU WANT TO LOVE WHERE YOU WORK?

    AMAZING TECH: NowSecure delivers the most advanced mobile app security testing technology on the planet designed by the world’s most advanced security researchers and top engineering talent.

    TOP CUSTOMERS:  The world’s most skilled and demanding security teams depend on NowSecure.

    GREAT TEAM: Smart, driven people powered by craftsmanship, leadership and teamwork at the core.

    GET THINGS DONE: At NowSecure, we move fast and with purpose to ensure our customers are always protected on mobile.

     

    DEPARTMENT: Services

    LOCATION: Remote

    FLSA CLASS: Exempt

    SUPERVISOR: Director, Application Services

    SUPERVISION EXERCISED: None

    TRAVEL REQUIREMENTS: 10-20% for normal business needs

    ENVIRONMENTAL CONDITIONS

    WORK ENVIRONMENT - Normal office environment and/or home office workspace.  Generally similar environment when visiting Company’s customer offices.  

    STRENGTH GUIDELINES - Employee will be expected to lift, move and carry 10-15 lbs in the normal scope of work.

    MOTION PARAMETERS - Employee will be expected to sit for long periods of time with the option to stand or walk (stretch).  Employee may need to bend or squat when picking up items from the floor. Employee must have ability to type on a computer keyboard.

    VISION AND HEARING REQUIREMENTS - Employee must be able to see a computer screen, read internal and external reports and summaries.  There is a normal amount of background noise in the office environment. Employee must be able to see and hear video conferencing tools.

    EMOTIONAL DEMANDS - Employee must be able to understand, react and respond to quick decisions, must be able to read and write with a high level of grammar skill including the ability to read, understand and interpret technical information and data.  On occasion, employee may have to speak publicly in company meetings and/or company led presentations, training and seminars.

     

    INFORMATION SECURITY RESPONSIBILITIES

    • Employee must follow all applicable policies in the Information Security Handbook, Master Information Security Policy and sub-policies, standards and procedures which are generally available to employee.
    • Employee must maintain security of login credentials and information assets, and follow Data Classification policy regarding labelling and handling of Company data.
    • Employee must report any security incidents pursuant to the Incident Response policy
    • Employee must support information risk assessments, internal and external information security audit functions
    • Employee must complete security training during on-boarding process as well as annually when arranged by the Company; and, maintain any certifications as required

    Powered by JazzHR

    H7tXRvrZIN