Agari (Acquired by Fortra)
Application Security Testing Lead
Agari (Acquired by Fortra), Washington, District Of Columbia, United States, 20001
Application Security Testing Lead
Whether you're an experienced professional or just getting started, your contributions matter at Fortra. If you're passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more! Fortra are looking for a seasoned Application Security Testing Lead to join our growing Solution Security team and spearhead our testing initiatives. This role involves leading a team of security testers, collaborating with development and DevOps teams, and ensuring that our applications are secure by design and resilient against modern threats. What You'll Do Lead and mentor a team of application security testers and analysts. Plan, schedule, execute, and oversee security testing activities including static (SAST), dynamic (DAST), and interactive (IAST) testing. Perform manual and automated penetration testing of web, mobile, and API-based applications
both on-premises and cloud-hosted. Review code and architecture for security vulnerabilities and provide actionable remediation guidance. Develop and maintain threat models and security test plans. Track and report on security vulnerabilities, trends, and remediation progress. Stay current with emerging threats, vulnerabilities, and security technologies. Collaborate with development teams to integrate security testing into CI/CD pipelines. Qualifications 5+ years of experience in application security testing, with at least 2 years in a leadership role. Deep understanding of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Hands-on experience with tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode, or similar. Prefer strong Burp Suite experience. Familiarity with scripting and coding languages and secure DevOps practices. Experience with cloud-native applications and container security is a plus. Preferred Certifications OSCP, GWAPT, or similar offensive security certifications CSSLP, CEH, or other relevant security credentials Other Skills Strong leadership and team collaboration skills Cross-functional collaboration and coordination Excellent communication and reporting abilities Analytical mindset with a detail-oriented approach Compensation: $95,000 - $135,000 USD
Whether you're an experienced professional or just getting started, your contributions matter at Fortra. If you're passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more! Fortra are looking for a seasoned Application Security Testing Lead to join our growing Solution Security team and spearhead our testing initiatives. This role involves leading a team of security testers, collaborating with development and DevOps teams, and ensuring that our applications are secure by design and resilient against modern threats. What You'll Do Lead and mentor a team of application security testers and analysts. Plan, schedule, execute, and oversee security testing activities including static (SAST), dynamic (DAST), and interactive (IAST) testing. Perform manual and automated penetration testing of web, mobile, and API-based applications
both on-premises and cloud-hosted. Review code and architecture for security vulnerabilities and provide actionable remediation guidance. Develop and maintain threat models and security test plans. Track and report on security vulnerabilities, trends, and remediation progress. Stay current with emerging threats, vulnerabilities, and security technologies. Collaborate with development teams to integrate security testing into CI/CD pipelines. Qualifications 5+ years of experience in application security testing, with at least 2 years in a leadership role. Deep understanding of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Hands-on experience with tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode, or similar. Prefer strong Burp Suite experience. Familiarity with scripting and coding languages and secure DevOps practices. Experience with cloud-native applications and container security is a plus. Preferred Certifications OSCP, GWAPT, or similar offensive security certifications CSSLP, CEH, or other relevant security credentials Other Skills Strong leadership and team collaboration skills Cross-functional collaboration and coordination Excellent communication and reporting abilities Analytical mindset with a detail-oriented approach Compensation: $95,000 - $135,000 USD