myGwork - LGBTQ+ Business Community · 3 days ago
Web Application Penetration Tester - Technical Lead
Wonder how qualified you are to the job?
Maximize your interview chances
Internet
Insider Connection @myGwork - LGBTQ+ Business Community
Responsibilities
Perform web application penetration tests, including manual and automated testing techniques
Identify and exploit vulnerabilities in web applications, APIs, and related technologies
Develop and maintain scripts, tools, and methodologies to enhance web application security testing processes and capabilities
Provide detailed vulnerability analysis and contextual feedback to development and operations teams
Collaborate with stakeholders to scope prospective engagements, lead engagements, and mentor less experienced staff
Collaborate with the Red Team to integrate web application penetration testing findings into broader threat emulation scenarios and organizational security assessments
Contribute to the development and improvement of security policies, standards, and guidelines
Generate innovative ideas and challenge the status quo
Develop scripts, tools, or methodologies to enhance the Red teaming processes and capabilities
Participate in and actively support mentoring with other members of the team
Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
8-10 years of relevant experience in web application security and penetration testing
One or more technical certifications: OSWA, OSWE, OSCP, GWAPT, GMOB, OSEE, OSEP, or similar
Proficient with common web application penetration testing tools (e.g., Burp Suite, OWASP ZAP)
Solid understanding of web technologies (e.g., HTTP, HTML, JavaScript, REST, SOAP) and common web application vulnerabilities (e.g., SQL injection, XSS, CSRF)
Knowledge of secure coding practices and application security frameworks (e.g., OWASP)
Ability to critically examine web applications and systems through the perspective of a threat actor
Preferred
Experience with secure development practices and code review
Proficiency in at least one scripting or programming language (e.g., Python, JavaScript, Ruby)
In-depth knowledge of cloud security for web applications (e.g., AWS, Azure, GCP)
Experience with mobile application security testing and relevant tools (e.g., MobSF, Frida, Burp Suite Mobile Assistant)
Company
myGwork - LGBTQ+ Business Community
myGwork is the largest global platform for the LGBTQ+ business community.
Funding
Current Stage
Early StageTotal Funding
$4.77MKey Investors
24 HaymarketInnovate UK
2023-08-17Series Unknown· $1.66M
2023-08-17Grant· Undisclosed
2021-12-07Series A· $2.12M
Recent News
2024-04-10
Company data provided by crunchbase