Responsibilities:
• Perform manual application penetration testing against APIs (REST/SOAP), web applications, mobile applications, and thick-client applications
• Perform threat modeling, evaluate application business logic, and perform application architecture reviews
• Ability to demonstrate application testing experience in real time via demos to both internal and external audiences
• Ability to perform objective-based, abstract penetration testing engagements
• Ability to develop and exploit POCs
• Act independently in penetration testing engagements, with minimal oversight and guidance
• Engage with technical and non-technical audiences to articulate testing processes, techniques, and results; guide technical audiences on remediation options and assist clients in weighing those options
Qualifications:
• Minimum three (3) years of recent experience in application penetration testing of APIs, web applications, or mobile applications
• Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations
• Experience with Burp Suite Pro and other application testing tools such as Netsparker
• Bachelor's degree from an accredited college/university or equivalent industry experience
• One or more major ethical hacking certifications preferred but not required: GWAPT, CREST, OSWE, OSWA