Jobs via Dice
7110 - Senior Security Testing Consultant (Cloud and Application Security) Local
Jobs via Dice, Sacramento, California, United States, 95828
7110 - Senior Security Testing Consultant (Cloud and Application Security) Local to Sacramento, CA
3 days ago
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Staff Tech, is seeking the following. Apply via Dice today!
Job Title: 7110 - Senior Security Testing Consultant (Cloud and Application Security) Local to Sacramento, CA
Duration:
~6 months (February 2026 to July 2026)
Job Description
An experienced Security Testing Consultant is sought to conduct comprehensive penetration testing, vulnerability assessments, and validation of security controls across cloud platforms, applications, and CI/CD systems. The ideal candidate will demonstrate deep expertise in cloud security posture, secure development practices, and regulatory compliance validation.
Key Responsibilities
- Conduct credentialed and non-credentialed web application and API penetration testing using tools such as Tenable WAS, Burp Suite, Nmap, sqlmap, and others.
- Perform port and service scans and analyze attack surfaces for systems and applications.
- Assess and validate implementation of security controls against NIST SP 800-53 Rev 5 and FIPS 140-3.
- Evaluate secure configurations and posture across multiple platforms including:
  - AWS or similar cloud environments
  - Containers (Docker, Kubernetes)
  - CI/CD tools (GitHub, Jenkins, Code Climate, CloudHub 2)
  - Mulesoft
  - Salesforce (Community and Service Cloud)
  - OKTA or other Identity Access Providers
  - Serverless architectures
- Perform vulnerability exploitation (minimally pervasive) and validate remediation of critical/high findings.
- Execute both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
- Validate data classification efforts, including for moderate and high data sensitivity levels.
- Evaluate Zero Trust Architecture implementations.
- Work with designated teams to obtain necessary credentials and access to test environments.
- Provide written weekly status reports and a final report including findings, remediation strategies, and recommendations.
- Participate in a close-out briefing and perform knowledge transfer to internal stakeholders, including documentation and virtual sessions.
Minimum Qualifications
- 2+ years FTE experience in IT security solution design, implementation, or testing in cloud or hybrid environments.
- 2+ years FTE experience in Red Team penetration testing (commercial or government).
- 3+ years FTE validating secure configurations/posture for:
  - AWS or similar cloud tech
  - Containers (Docker, Kubernetes)
  - CI/CD tools (GitHub, Jenkins, Code Climate, CloudHub 2)
  - Mulesoft
  - Salesforce (Community and Service Cloud)
  - OKTA or similar IAM solutions
  - Serverless architectures
  - Overall secure cloud environments
- 3+ years FTE experience:
  - Performing SAST and DAST
  - Validating secure Zero Trust Architecture
  - Validating data classification (moderate/high)
- 2+ years FTE experience working with public sector agencies to achieve compliance with one or more of the following: SAM, CSF, SIMM, NIST, FIPS, FISMA, FedRAMP
Required Certifications (at Least One Per Category Below)
- Penetration Testing Certification (1 required): CEPT, CPT, CEH, or CompTIA PenTest+
- Security Risk or Cloud Certification (1 required): CRISC, CCSP, or CISSP
Tools And Technologies (Preferred/Used)
- Tenable WAS
- Burp Suite
- Nmap / sqlmap
- Salesforce
- Jenkins / GitHub / CI-CD pipelines
- AWS
- OKTA
- Kubernetes / Docker
- Mulesoft
- Microsoft 365 for documentation
- Industry-standard cybersecurity validation frameworks
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Software Development