Independent Security Evaluators
Senior Application Security Pentester REMOTE
Independent Security Evaluators, Baltimore, Maryland, United States, 21276
Senior Application Security Pentester REMOTE
ISE is seeking a talented Senior level Application Security Pentester to join our team. Do you enjoy working with wicked smart people, like to hack into things, solve puzzles, and work on cool projects? ISE is the place for you!
What you’ll do at ISE:
Interface directly as a project lead, senior analyst, or in a scoping capacity
Mentor junior analysts throughout client assessments, research projects, findings reviews, and general professional and technical development
Perform hands‑on security assessments and reviews on various pieces of technology including but not limited to:
Web apps and APIs
Networks
Cloud architecture and configuration
Source code analysis
Hardware and firmware
Create comprehensive assessment reports that clearly identify vulnerabilities, how they impact our client’s digital assets, and remediation strategies
Provide consultative advice to ISE’s clients regarding best practices, design guidance, new threats, policies and processes, etc. Basically: be their genius friend who helps solve problems.
Perform research and develop whitepapers/presentations/etc. regarding relevant research, security topics, tools and techniques driven by your areas of interest and expertise
Opportunity to participate in IoT Village
What you won’t do at ISE:
Use scanners – we might use a scanning tool on occasion but our assessments are designed to find what scanners miss
Write policy or compliance rules or assess tools for regulatory purposes
Only hack with your head down – we are looking for folks who will talk with our clients, mentor others, and collaborate on projects, talks, and research
What you bring to the table:
6+ years in security consulting with a focus on application/software
Experience with programming and developing exploits
Familiarity with Unix command line tools and working in CLI environments
Skillset in the following:
Web and desktop application security (Advanced)
Cloud security and architecture (Advanced)
Mobile application security (Basic)
Background in the following:
Software vulnerability analysis, code analysis, and fuzzing
Reverse engineering through static and dynamic analysis
Analyzing cryptographic workflows
Analyzing network traffic
Experience interacting with clients in a consultative environment
Strong technical writing and oral communication skills
Public speaking experience
Desire to make things better: help our clients secure their products, help your colleagues grow and learn, self‑motivated and always seeking improvement
Nice to have (but we can teach you!)
IoT hardware security
Network security
Red Teaming
AI security
Experience with digital rights management and digital watermarking
Experience with secure software development
Familiarity with industry standard security policies (SOC2, OWASP ASVA, GDPR, ISO 27001, PCI, NIST CSF, etc) and their practical applications
Experience assessing generative AI technologies and applications
$115K–$165K, according to experience
If you don't think you meet all of the criteria above but are still interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.
What we bring to the table:
Check out joinise.io for full details
Work that matters; projects that impact people’s everyday life and wellbeing
Quality, integrity, dedication, and education: our core values
Life balance: flexible schedule, work from home options, unlimited vacation
$0 health premium plan option, including spouse and family
Opportunities to research and publish, speak at major security events and conferences
Leadership and peers that support and mentor you: your growth is our growth, your success is our success
Relaxed and fun environment: ditch the suit and tie, sit or stand at your desk or find a sofa
How you’ll learn at ISE: Everyone has a mentor, or two or three sometimes. We hold you and ourselves accountable for your advancement. You’ll learn directly from your mentor, your colleagues, resources vetted by the team, and at regular firetalk lunches by your peers – oh, and lunch is on us once a week in the office. You also have access to paid training, workshops, university courses, certification courses, and we’ll pay for the certs too. Want to learn a new skill that you aren’t currently using but want to? Great! Innovation is key–new technology is important.
About ISE: ISE is an independent security consulting and software firm headquartered in Baltimore, Maryland, dedicated to securing high value assets for global enterprises and performing groundbreaking security research. Using an adversary‑centric perspective driven by our elite team of analysts and developers, we improve our clients’ overall security posture, protect digital assets, harden existing technologies, secure infrastructures, and work with development teams to ensure product security prior to deployment. Our team enjoys working in a creative, educational, and comfortable environment where they can thrive professionally.
Building a Better Community: We value different viewpoints and fresh perspectives. We embrace people who challenge our thinking and question the status quo. We are opposed to narrow minded, exclusionary, and discriminatory viewpoints or practices that inherently undermine our creative process, hinder growth, and impede innovation.
Need more info? Be sure you spend some time at www.ise.io. Make sure you look through all the perks on the Careers page, then check out our Research and Blog, our events page for the IoT Village, and About page. Follow us on Twitter @ISEsecurity and @IoTvillage
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Computer and Network Security
Benefits
Medical insurance
Vision insurance
401(k)
Paid paternity leave
Paid maternity leave
Disability insurance
Referral program Referrals increase your chances of interviewing at Independent Security Evaluators by 2x
Get notified about new Penetration Tester jobs in
Baltimore, MD Get notified about new Penetration Tester jobs in
Baltimore, MD .
#J-18808-Ljbffr
What you’ll do at ISE:
Interface directly as a project lead, senior analyst, or in a scoping capacity
Mentor junior analysts throughout client assessments, research projects, findings reviews, and general professional and technical development
Perform hands‑on security assessments and reviews on various pieces of technology including but not limited to:
Web apps and APIs
Networks
Cloud architecture and configuration
Source code analysis
Hardware and firmware
Create comprehensive assessment reports that clearly identify vulnerabilities, how they impact our client’s digital assets, and remediation strategies
Provide consultative advice to ISE’s clients regarding best practices, design guidance, new threats, policies and processes, etc. Basically: be their genius friend who helps solve problems.
Perform research and develop whitepapers/presentations/etc. regarding relevant research, security topics, tools and techniques driven by your areas of interest and expertise
Opportunity to participate in IoT Village
What you won’t do at ISE:
Use scanners – we might use a scanning tool on occasion but our assessments are designed to find what scanners miss
Write policy or compliance rules or assess tools for regulatory purposes
Only hack with your head down – we are looking for folks who will talk with our clients, mentor others, and collaborate on projects, talks, and research
What you bring to the table:
6+ years in security consulting with a focus on application/software
Experience with programming and developing exploits
Familiarity with Unix command line tools and working in CLI environments
Skillset in the following:
Web and desktop application security (Advanced)
Cloud security and architecture (Advanced)
Mobile application security (Basic)
Background in the following:
Software vulnerability analysis, code analysis, and fuzzing
Reverse engineering through static and dynamic analysis
Analyzing cryptographic workflows
Analyzing network traffic
Experience interacting with clients in a consultative environment
Strong technical writing and oral communication skills
Public speaking experience
Desire to make things better: help our clients secure their products, help your colleagues grow and learn, self‑motivated and always seeking improvement
Nice to have (but we can teach you!)
IoT hardware security
Network security
Red Teaming
AI security
Experience with digital rights management and digital watermarking
Experience with secure software development
Familiarity with industry standard security policies (SOC2, OWASP ASVA, GDPR, ISO 27001, PCI, NIST CSF, etc) and their practical applications
Experience assessing generative AI technologies and applications
$115K–$165K, according to experience
If you don't think you meet all of the criteria above but are still interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.
What we bring to the table:
Check out joinise.io for full details
Work that matters; projects that impact people’s everyday life and wellbeing
Quality, integrity, dedication, and education: our core values
Life balance: flexible schedule, work from home options, unlimited vacation
$0 health premium plan option, including spouse and family
Opportunities to research and publish, speak at major security events and conferences
Leadership and peers that support and mentor you: your growth is our growth, your success is our success
Relaxed and fun environment: ditch the suit and tie, sit or stand at your desk or find a sofa
How you’ll learn at ISE: Everyone has a mentor, or two or three sometimes. We hold you and ourselves accountable for your advancement. You’ll learn directly from your mentor, your colleagues, resources vetted by the team, and at regular firetalk lunches by your peers – oh, and lunch is on us once a week in the office. You also have access to paid training, workshops, university courses, certification courses, and we’ll pay for the certs too. Want to learn a new skill that you aren’t currently using but want to? Great! Innovation is key–new technology is important.
About ISE: ISE is an independent security consulting and software firm headquartered in Baltimore, Maryland, dedicated to securing high value assets for global enterprises and performing groundbreaking security research. Using an adversary‑centric perspective driven by our elite team of analysts and developers, we improve our clients’ overall security posture, protect digital assets, harden existing technologies, secure infrastructures, and work with development teams to ensure product security prior to deployment. Our team enjoys working in a creative, educational, and comfortable environment where they can thrive professionally.
Building a Better Community: We value different viewpoints and fresh perspectives. We embrace people who challenge our thinking and question the status quo. We are opposed to narrow minded, exclusionary, and discriminatory viewpoints or practices that inherently undermine our creative process, hinder growth, and impede innovation.
Need more info? Be sure you spend some time at www.ise.io. Make sure you look through all the perks on the Careers page, then check out our Research and Blog, our events page for the IoT Village, and About page. Follow us on Twitter @ISEsecurity and @IoTvillage
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Computer and Network Security
Benefits
Medical insurance
Vision insurance
401(k)
Paid paternity leave
Paid maternity leave
Disability insurance
Referral program Referrals increase your chances of interviewing at Independent Security Evaluators by 2x
Get notified about new Penetration Tester jobs in
Baltimore, MD Get notified about new Penetration Tester jobs in
Baltimore, MD .
#J-18808-Ljbffr