Conduct security architecture reviews and threat modeling sessions with development teams using STRIDE methodology
Perform application security assessments across 20+ security verification service offerings including SAST/DAST analysis, manual code review, API security testing, authentication/authorization testing, and vulnerability validation
Execute hands-on security testing of web applications, APIs, mobile applications, and cloud-native services
Analyze and validate security findings from automated tools (GitHub Advanced Security, Synack, Tenable, AquaSec) and provide actionable remediation guidance
Support penetration testing engagements and coordinate with third-party security assessment vendors (Synack ST+)
Requirements
5 to 7+ years of experience in application security, software security engineering, or related roles
Hands-on experience conducting security assessments including code review, penetration testing, or vulnerability analysis
Demonstrated ability to threat model applications and identify security design flaws
Proficiency with application security testing tools and methodologies
Strong understanding of at least one programming language and web application architecture
Tech Stack
Cloud
Benefits
Opportunity for annual cash bonus
Health / Dental / Vision Benefits from Day One
5% matching 401k
Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!