Application Penetration Tester
: Job Details :

Insight Globals client is looking for Application Security Penetration Testers to join their team in Washington,DC. This person will work closely within a team of 5 individuals doing source code review and penetration testing to identify any security concerns or vulnerabilities within mobile applications. You will be testing security within a microservices based environment and performing some red team responsibilities. Also, you will be responsible for conducting assessments and providing documentation of the findings. The team consists of 1 lead application penetration tester, 3 application penetration testers, and 1 technical PM. Compensation: $125,000 - $155,000 per year Exact compensation may vary based on several factors, including skills, experience, and education.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ...@insightglobal.com . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: . Required Skills & Experience4+ years of experience conducting manual Source Code reviewsExperience with automated testing tools for SAST (Static Application security Testing), DAST (dynamic Application security Testing), and SCA (software Composition Analysis)Example tools: Checkmarx, Burp Suite Pro, Plextrac, Veracode, Hashicorp Vault4+ years of experience with hands on manual penetration testingExample tools: Synopsis, VeracodeExperience with web application and API testingExample tools: Postman, SmartBear, SoapUIExperience with mobile testing (ios and android) with tools such as Corellium or similarExperience testing within a cloud environmentProficient reading and/or coding in multiple programming languagesExcellent verbal & written communication as this person will be reporting findings to various stakeholders. Nice to Have Skills & Experience- Bachelor's degree in computer science or related field- Security certifications such as:o GWAPT o CEH o OSCP Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.