Job Description

Job Summary Web Application Penetration Tester


- Lead manual penetration testing of in-house developed web application (CARE) to discover security vulnerabilities and propose remediations.
- Conduct detailed penetration tests using common frameworks such as OWASP to identify and exploit vulnerabilities.
- Document findings, report vulnerabilities, and provide solutions to the development team.
- Collaborate closely with development team to verify and implement remediations.
- Develop and maintain automation scripts to re-run security tests, ensuring new vulnerabilities are detected before deployment.
- Mentor and train development team on secure coding practices and web application security (including OWASP Top 10).
- Serve as subject matter expert on web application security, providing guidance and expertise to internal teams.
- Participate in code reviews and provide feedback to ensure security standards are met.
- Work collaboratively with cross-functional teams (Business, QA, Operations) to scope and draft functional requirements.
- Assist business users in creating test cases, use cases, and perform functional testing.
- Provide timely and effective reporting on the status of projects and remediation efforts.
- Ensure all project documentation and IT requirements are completed and maintained as per internal standards.
- Participate in and contribute to training and mentoring plans for State Fund employees, focusing on security skills enhancement.
- Communicate effectively with users at all levels, and present technical solutions to both technical and non-technical audiences.
- Demonstrate strong knowledge of Java, Spring, Oracle, Linux, and Windows in the context of secure application development and testing.
- Manage all aspects of the penetration testing and support functions, including planning, execution, and reporting.

Job Tags

Similar Jobs