Application Security Specialist
Indexed description
Responsibilities
- Perform hands-on application penetration testing across web, mobile, API, thick client, AI/LLM integrations, and MCP-enabled application components.
- Perform threat modeling and secure design reviews to identify risks early in the development lifecycle.
- Support development teams with practical remediation guidance and secure implementation recommendations.
- Perform Secure Software Development Lifecycle and secure coding training for developers.
- Evaluate and improve customers’ application security development lifecycle, including secure coding practices, vulnerability management, remediation workflows, and security gates.
- Participate in client-facing discussions, including assessment scoping, finding walkthroughs, remediation alignment, and retest updates.
- 2+ years of hands-on experience in application penetration testing.
- Strong understanding of OWASP Top 10 and CWE Top 25, with proven experience identifying vulnerabilities and supporting practical remediation strategies.
- Familiarity with high-level programming languages (Java, JS, Python, etc.).
- Relevant App PT training and certifications such as EWPTX, OSWE, etc.
- Strong English communication skills, with the ability to communicate technical topics clearly in client-facing discussions.
- Advantage: Deep understanding of the LLM Top 10, AI security risks, MCP security risks, and AI/LLM hacking techniques.
- Advantage: Proven experience in secure code review or high-level code auditing.
- Advantage: Knowledge of Secure SDLC practices, and methodologies, including Microsoft SDL, OWASP SAMM, and OWASP ASVS.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search