Senior Application Security Tester

Senior Application Security Tester

Location: Seattle, WA / Hybrid

Experience: 8 years in Application Security, Penetration Testing, and Authentication

Role Overview

We seek a Senior Application Security Engineer to lead penetration testing, vulnerability management, and secure SDLC practices. The ideal candidate will assess applications, APIs, networks, and cloud environments to mitigate security risks, ensure compliance, and enhance security operations.

Key Responsibilities

• Conduct penetration testing & secure code reviews for web, mobile, and APIs.
• Implement SAST/DAST solutions (Checkmarx, Veracode, Snyk).
• Perform threat modeling & vulnerability assessments (Nmap, Nessus, Qualys).
• Work with SOC teams & SIEM tools (Splunk, QRadar, Azure Sentinel) for incident response.
• Integrate DevSecOps into CI/CD pipelines and ensure cloud security in AWS, Azure, GCP.
• Ensure compliance with PCI-DSS, HIPAA, NIST, ISO 27001.
• Mentor teams on secure coding & cybersecurity best practices.
  
  

Skills & Qualifications

✔ 8 years in Application Security & Penetration Testing.

✔ Hands-on expertise in Burp Suite, Kali Linux, Metasploit, Nmap, Wireshark.

✔ Strong knowledge of OWASP Top 10, MITRE ATT&CK, firewall security.

✔ Experience with .NET, Java, Python, C/C for code analysis.

✔ Certifications (CEH, CISSP, OSCP) are a plus.