Lead security tests from scoping to report, working with developers to address findings. Proactively discover vulnerabilities and track them to resolution with developers. Validate security controls to ensure alignment with compliance and industry standard methodologies
Track and analyze vulnerabilities in applications, providing guidance and support for remediation efforts. Determine and recommend remediation guidelines
Investigate and triage vulnerabilities reported from external sources, including Responsible Disclosure program
Collaborate with engineers, consultants and leadership to resolve security risks and provide mitigation recommendations

Requirements

3+ years previous experience in Information Security
1+ years of penetration testing (or similar) experience OR 2+ years’ experience working within software development
Bachelor’s degree in Computer Science or Information Security, or equivalent work experience
Penetration testing or application security certifications are a plus, such as OSCP, GWAPT, CEH, among others
Good understanding of application security weaknesses for various technologies including web applications, databases, and multi-tier applications
Ability to review source code and explain mitigation controls within source code for various programming languages (Java, C, Go, JavaScript, etc.)
Experience with application security scanning tools such as SAST, SCA and DAST
Experience with web application testing tools like Burp Suite, OWASP ZAP, or Caido

Benefits

medical
dental
vision
matching 401(k)
paid time off
wellness program
coveted employee discounts for Sony products

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

penetration testingapplication securityvulnerability assessmentsource code reviewJavaCGoJavaScriptapplication security weaknessesremediation guidelines

Soft Skills

collaborationcommunicationproblem-solvingguidancesupportleadership

Certifications

OSCPGWAPTCEH