Roles and Responsibilities

• Perform manual web application and mobile penetration testing to identify and validate security vulnerabilities.
• Prioritize findings and deliver actionable remediation guidance to engineering and product teams.
• Conduct code-assisted reviews, architecture assessments, and threat modeling exercises.
• Research and evaluate emerging vulnerabilities, exploit techniques, and defensive technologies to strengthen the organization’s security posture.
• Develop and present clear, comprehensive reports and briefings for both technical and non-technical audiences.
• Assess and secure AI/ML-driven applications, including LLM-integrated systems.
• Evaluate AI system components—data ingestion pipelines, model APIs, and inference endpoints—for security and privacy risks.

Required Qualifications

• 5+ years of experience in Application Security, Penetration Testing, or Security Consulting within enterprise environments.
• Strong expertise in manual web and mobile application security testing.
• Proficiency in at least one scripting language (e.g., Python, Perl, Ruby, PHP) and one programming language (e.g., Java, Objective-C).
• Solid understanding of OWASP Top 10, CWE Top 25, and common web/mobile vulnerabilities (e.g., XSS, SQLi, SSRF).
• Familiarity with secure network design, web technology stacks (LAMP, LEMP, MEAN), and AWS security best practices.
• Experience with Mac OS X and/or Linux systems.
• Strong analytical, communication, and reporting skills with the ability to convey technical findings to diverse audiences.
• Demonstrated commitment to continuous learning and staying current with emerging threats and security trends.

Posted By