[Remote] Application Security Consultant / Penetration Tester
Note: This is a remote job open to candidates in the USA. TrustedSec is seeking a passionate information security professional to join their Software Security Team. The Application Security Consultant/Penetration Tester will assist clients with their software security needs, conducting assessments to identify vulnerabilities and improve security posture.
Responsibilities
- Conduct high-quality software security assessments with limited direct supervision
- Produce clear, technically accurate reports with testing walkthroughs, findings, and actionable recommendations for both technical and executive audiences
- Conduct client meetings, serve as the primary point of contact, and interface directly with clients during engagements
- Serve as a subject matter expert for other consultants/teams and regularly collaborate and contribute to furthering the education and progression of the skills and success of everyone at TrustedSec
- Maintain and build upon cybersecurity knowledge and skills by attending educational workshops and adopting a curious, continuous learning mindset
- Review publications, write blog posts, and potentially speak at conferences or other events
Skills
- The candidate must be legally authorized to work in the United States
- 2+ years' recent experience testing web applications, thick clients, APIs, and web services
- Proficiency in Burp Suite Professional
- 2+ years' recent experience performing both unauthenticated and authenticated application testing
- Advanced knowledge of manual application security testing, penetration testing methodologies, the OWASP Top 10, and the OWASP Testing Guide
- Strong understanding of common security controls and vulnerability testing techniques
- Passion for the Information Security industry, including keeping up to date with current software technologies, platforms, frameworks, and security issues
- Good time management skills and the ability to meet strict deadlines
- Demonstrated analytical and project management skills
- Excellent verbal and written communication skills including active listening and competence in presenting findings and recommendations to audiences with a range of technical understanding
- Ability to write technical documents with correct spelling, grammar, and punctuation and the ability to distill information for non-technical readers
- Thrive in a fast-paced, collaborative environment
- Ability to take initiative and work independently
- This is a remote position, allowing employees to work from their home residence within the United States
- Occasional travel to client sites or industry-related events is required
- Prolonged periods of sitting at a desk and working on a computer
- Ability to lift 15 pounds at times
- Travel up to 10% over the course of the calendar year
- Must reside in the United States
- Familiarity with AI/LLMs/frontier models/agentic tools/coding assistants
- Experience in mobile application testing
- Ability to conduct source code reviews in multiple programming languages
- Prior consulting experience
- Industry-recognized security certification(s) such as OSWE, Burp Suite Certified Practitioner, OSCP, etc.
- Programming/software development experience/DBA/sysadmin/etc.
- Experience maintaining high levels of privacy and OpSec for clients, including government agencies
Benefits
- Generous paid time off allowance
- Paid holidays
- Performance pay bonus program
Company Overview