All roles

Open role

Penetration Tester (Java/ Ethical Hacking focus) - Hybrid - Contract to Hire

Remote · Vietnam Full-time

Onsite role in Albany, NY - two days per week Wednesday/Thursday + every other Friday Overview: A Penetration Tester with a focus on Java application security is sought to identify, exploit, and fix vulnerabilities in Java applications to guard against cyber threats. Key Responsibilities:

  • Conduct penetration tests and vulnerability assessments for Java applications and infrastructure.
  • Identify security flaws in Java code using automated and manual methods.
  • Create and use custom exploits to test application security, simulating attacker tactics.
  • Collaborate with Development teams to understand application architecture and find security weaknesses early.
  • Collaborate with Testing teams to integrate with manual and automation testing.
  • Provide guidance on secure coding and how to fix vulnerabilities.
  • Stay updated on Java security threats and best practices.
  • Help improve secure development processes (SDLC).
  • Assist in responding to security incidents related to Java vulnerabilities, current published NIST CVE.
  • Clearly document and report findings, including technical details, risk assessment, and recommended solutions.
  • Communicate findings and recommendations to both technical and non-technical staff.
  • Contribute to security policies for Java development and deployment.
  • Manipulate URLs, query parameters and Application browser data to look for penetration avenues. Validate and asses' browser tokens and cache manipulation and Production vs. none prod architecture.
  • Familiar with MITRE ATT&CK Framework.

REQUIREMENTS:

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Minimum of 6 years of Development/Security experience
  • Experience in Penetration Testing/Ethical Hacking with a focus on Java application security.
  • Strong knowledge of Java programming and its security practices as well as scripting experience.
  • Core Java coding experience.
  • Previous job background as an engineer and Dev Sec position on a large scale public enterprise scale application.
  • Proficiency in web application security principles (e.g., OWASP).
  • Knowledge of common web vulnerabilities (e.g., SQL injection, XSS) and exploit techniques.
  • Experience with penetration testing tools like Burp Suite, Metasploit.
  • Familiarity with Fortify on Demand SAST and DAST tools.
  • Strong understanding of cryptography and secure communication protocols (e.g., SSL/TLS).
  • Excellent problem-solving and analytical skills.
  • Strong communication skills.
  • High ethical standards and confidentiality.

Preferred Qualifications:

  • Certifications such as OSCP, GWAPT, GXPN, GPEN, LPT, CEH, CISSP or other industry security certifications.
  • Experience with scripting languages (e.g., Python, Bash).
  • Experience with secure code review for Java.
  • Familiarity with cloud security testing.
  • Experience with mobile application penetration testing.
  • Knowledge of regulations like HIPAA.
  • Experience with API testing

More open positions

Penetration Tester (W-2 or 1099 | U.S.-Based)

Work from home Full-time role

QA Engineer | $42/hr Remote

Work from home Full-time role

ICF Incorporated, LLC: Senior Quality Assurance Engineer – Reston, VA

Work from home Full-time role

Software QA Engineer - REMOTE WORK ( no H-1Bs , no 1099 / C2C candidates )

Work from home Full-time role

Mobile Quality Assurance Tester/ Remote, (Denver, CO) 6+ Months Contract

Work from home Full-time role

Account Executive - Small Accounts

Work from home Full-time role

Remote Customer Service Representative – Full‑Time & Part‑Time Home‑Based Contact Center Position with careerzynith

Work from home Full-time role

[Remote] Staff Software Development Engineer - Front End

Work from home Full-time role

Senior Machine Learning Engineer

Work from home Full-time role

Customer Support Engineer – Technical Field Services & Client Success Specialist for Semiconductor Equipment

Work from home Full-time role

[Remote] Senior Data Engineer

Work from home Full-time role

Vlaamse Telemarketeer B2B bij Maximizd

Work from home Full-time role

Product Analyst

Work from home Full-time role

Remote Data Entry Specialist – Work From Home | Flexible Hours & Competitive Pay at careerzynith

Work from home Full-time role

Adjunct Faculty, Mathematics, Miramar, FL (Hybrid)

Work from home Full-time role

Growth Content & Community Manager, Remote Job

Work from home Full-time role

CAS-Technical Sales Representative-Hangzhou

Work from home Full-time role

Sr. Oncology Sales Representative - Chicago North

Work from home Full-time role

Senior Community Impact Officer (SCIO)

Work from home Full-time role

Growth Marketer (B2C)

Work from home Full-time role

[Remote] Project Manager - Remote

Work from home Full-time role