Senior Application Security Pentester REMOTE - Baltimore - Independent Security Evaluators

Description

Senior Application Security Pentester REMOTE

Join to apply for the Senior Application Security Pentester REMOTE role at Independent Security Evaluators

Senior Application Security Pentester REMOTE

Join to apply for the Senior Application Security Pentester REMOTE role at Independent Security Evaluators

Independent Security Evaluators provided pay range

This range is provided by Independent Security Evaluators. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$85,000.00/yr - $165,000.00/yr

ISE is seeking a talented Mid to Senior level Application Security Pentester to join our team. Do you enjoy working with wicked smart people, like to hack into things, solve puzzles, and work on cool projects? ISE is the place for you

What you'll do at ISE:

• Interface directly as a project lead, senior analyst, or in a scoping capacity
• Mentor junior analysts throughout client assessments, research projects, findings reviews, and general professional and technical development
• Perform hands-on security assessments and reviews on various pieces of technology including but not limited to:
• ---Web apps and APIs
• ---Networks
• ---Cloud architecture and configuration
• ---Source code analysis
• ---Hardware and firmware
• Create comprehensive assessment reports that clearly identify vulnerabilities, how they impact our client's digital assets, and remediation strategies
• Provide consultative advice to ISE's clients regarding best practices, design guidance, new threats, policies and processes, etc. Basically: be their genius friend who helps solve problems.
• Perform research and develop whitepapers/presentations/etc. regarding relevant research, security topics, tools and techniques driven by your areas of interest and expertise
• Opportunity to participate in IoT Village

What you won't do at ISE:

• Use scanners - we might use a scanning tool on occasion but our assessments are designed to find what scanners miss
• Write policy or compliance rules or assess tools for regulatory purposes
• Only hack with your head down - we are looking for folks who will talk with our clients, mentor others, and collaborate on projects, talks, and research

What you bring to the table:

• 4-6+ years in security consulting with a focus on application/software
• Experience with programming and developing exploits
• Familiarity with Unix command line tools and working in CLI environments
• Skillset in the following:
• ---Web and desktop application security (Advanced)
• ---Cloud security and architecture (Advanced)
• ---Mobile application security (Basic)
• Background in the following:
• ---Software vulnerability analysis, code analysis, and fuzzing
• ---Reverse engineering through static and dynamic analysis
• ---Analyzing cryptographic workflows
• ---Analyzing network traffic
• ---Experience interacting with clients in a consultative environment
• Strong technical writing and oral communication skills
• Public speaking experience
• Desire to make things better: help our clients secure their products, help your colleagues grow and learn, self-motivated and always seeking improvement

Nice to have (but we can teach you):

• Skillset in the following:
• ---IoT hardware security
• ---Network security
• ---AI security
• Experience with digital rights management and digital watermarking
• Experience with secure software development
• Familiarity with industry standard security policies (SOC2, OWASP ASVA, GDPR, ISO 27001, PCI, NIST CSF, etc) and their practical applications
• Experience assessing generative AI technologies and applications

Mid Level: $85K-$125K, according to experience

Senior Level: $115K-$165K, according to experience

If you don't think you meet all of the criteria above but are still interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

What we bring to the table:

• Check out joinise.io for full details
• Work that matters; projects that impact people's everyday life and wellbeing
• Quality, integrity, dedication, and education: our core values
• Life balance: flexible schedule, work from home options, unlimited vacation
• $0 health premium plan option, including spouse and family
• Opportunities to research and publish, speak at major security events and conferences
• Leadership and peers that support and mentor you: your growth is our growth, your success is our success
• Relaxed and fun environment: ditch the suit and tie, sit or stand at your desk or find a sofa

How you'll learn at ISE:

Everyone has a mentor, or two or three sometimes. We hold you and ourselves accountable for your advancement. You'll learn directly from your mentor, your colleagues, resources vetted by the team, and at regular firetalk lunches by your peers – oh, and lunch is on us once a week in the office. You also have access to paid training, workshops, university courses, certification courses, and we'll pay for the certs too. Want to learn a new skill that you aren't currently using but want to? Great Innovation is key–new technology is important.

About ISE:

ISE is an independent security consulting and software firm headquartered in Baltimore, Maryland, dedicated to securing high value assets for global enterprises and performing groundbreaking security research. Using an adversary-centric perspective driven by our elite team of analysts and developers, we improve our clients' overall security posture, protect digital assets, harden existing technologies, secure infrastructures, and work with development teams to ensure product security prior to deployment. Our team enjoys working in a creative, educational, and comfortable environment where they can thrive professionally.

Building a Better Community:

We value different viewpoints and fresh perspectives. We embrace people who challenge our thinking and question the status quo. We are opposed to narrow minded, exclusionary, and discriminatory viewpoints or practices that inherently undermine our creative process, hinder growth, and impede innovation.

Need more info?

Be sure you spend some time at www.ise.io. Make sure you look through all the perks on the Careers page, then check out our Research and Blog, our events page for the IoT Village, and About page. Follow us on Twitter @ISEsecurity and @IoTvillage

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Computer and Network Security

Referrals increase your chances of interviewing at Independent Security Evaluators by 2x

Inferred from the description for this job

Medical insurance

Vision insurance

401(k)

Paid paternity leave

Paid maternity leave

Disability insurance

Get notified when a new job is posted.

Sign in to set job alerts for "Penetration Tester" roles.

Maryland, United States $90,000.00-$155,000.00 8 months ago

Maryland, United States $90,000.00-$155,000.00 8 months ago

Intermediate Digital Forensics Malware Analyst

Maryland, United States $187,000.00-$240,000.00 6 days ago

Sr. Detections Content Operations Engineer (Mountain, Central or Eastern Remote)

Baltimore, MD $135,000.00-$215,000.00 2 weeks ago

Sr. Threat Hunting Intelligence Analyst (Remote, East Coast)

Baltimore, MD $95,000.00-$160,000.00 2 weeks ago

Staff Security Operations Engineer (Observability & Automation)

AppEx - Kibana Security - Backend Engineer II (TypeScript, Node.js)

Maryland, United States $110,900.00-$210,700.00 2 weeks ago

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.