Senior Penetration Tester (Web/Mobile applications) jobs in United States

Accord Technologies Inc · 4 months ago

Senior Penetration Tester (Web/Mobile applications)

Accord Technologies Inc is seeking a Senior Penetration Tester to join their team in Minnetonka, MN. The role involves performing manual and automated penetration testing of web and mobile applications, leading security assessments, and collaborating with engineering teams to ensure secure coding practices are followed.

Information Technology & Services

Responsibilities

Perform manual and automated penetration testing of web and mobile applications
Lead security assessments using DAST and SAST tools (e.g., Burp Suite, ZAP, Checkmarx, AppScan, WebInspect, Acunetix)
Evaluate and secure cloud environments (AWS and Azure) including EC2, S3, RDS, VNets, and Azure DevOps pipelines
Conduct API security reviews, enforce secure coding practices, and validate implementations against best practices
Perform code reviews in Python, Java, PHP, Perl, and Objective-C to identify vulnerabilities
Provide architecture-level feedback on SSL/TLS, networking, load balancing, and ACL configurations
Develop and maintain Application Security Programs with a focus on CI/CD integration and secure SDLC
Lead scoping calls with stakeholders, define testing approaches, and present findings/reports
Actively research emerging exploits and contribute to vulnerability discovery (e.g., CTF, Hack the Box)
Collaborate with engineering and product teams to ensure remediation strategies are adopted

Qualification

OWASP Top 10, NIST, Secure SDLC, Burp Suite, AWS, Python, Java, PHP, Perl, Objective-C, SSL/TLS, TCP/IP, ACLs, Routing, Load balancing, Azure, Metasploit, ZAP, Checkmarx, AppScan, LAMP, LEMP, MEAN stack, OSCP, OSWA, CEH, SANS, GWAPT, GPEN, GWEB

Required

10+ Years of experience
Strong knowledge of OWASP Top 10, NIST, and secure SDLC
Proficiency in penetration testing tools: Burp Suite, Metasploit, ZAP, Checkmarx, AppScan
Hands-on cloud security expertise in AWS (EC2, S3, RDS, KMS) and Azure security architecture
Strong programming background in Python, Java, PHP, Perl, Objective-C for code review and exploit development
In-depth knowledge of network security concepts: SSL/TLS, TCP/IP, ACLs, routing, load balancing
Familiarity with LAMP, LEMP, and MEAN stacks from a security perspective
Excellent communication skills for both technical and business stakeholders
Certification is mandatory in OSCP / OSWA / CEH or SANS (GWAPT, GPEN, GWEB)

Company

Accord Technologies Inc

We are one of the pioneers in the information technology consulting and staffing industry.

Funding

Current Stage
Growth Stage
Company data provided by crunchbase