AceStack
Web Application Security & Penetration Testing Associate
AceStack, Atlanta, Georgia, United States, 30383
Location: Atlanta, GA
Contract
We are seeking a skilled and detail-oriented Web Application Security and Penetration Testing Associate. This role involves identifying vulnerabilities in web applications, APIs, and related AWS infrastructure through manual and automated penetration testing techniques. The ideal candidate will have a strong understanding of web technologies, security principles, and ethical hacking methodologies.
Key Responsibilities
Perform SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing).
Perform web application penetration tests to identify vulnerabilities such as SQL injection, XSS, CSRF, authentication flaws, and insecure configurations.
Conduct manual and automated security assessments using industry‑standard tools.
Analyze application architecture and source code for security weaknesses.
Prepare detailed reports outlining findings, risk ratings, and remediation recommendations.
Collaborate with development teams to validate fixes and improve secure coding practices.
Stay updated on the latest security threats, exploits, and testing methodologies.
Support compliance efforts (e.g., OWASP Top 10).
Required Skills
Web technologies (Angular, Java Spring Boot, REST/SOAP APIs)
Security frameworks (OWASP Top 10)
Hands‑on experience with tools: Kali Linux, Fortinet (good to have)
Familiarity with secure coding practices and static/dynamic code analysis.
Ability to document and communicate technical findings to both technical and non-technical stakeholders.
Seniority Level
Mid‑Senior level
Employment Type
Contract
Job Function
Information Technology
Software Development