Job Title: Web Application Penetration Tester

Company: Comrise

Location: Charlotte, NC

Created: 2024-05-04

Job Type: Full Time

Job Description:

Position: Senior Web Application Penetration Tester

Location: Charlotte, NC

Duration: 6 Months

Below, you will find a complete breakdown of everything required of potential candidates, as well as how to apply. Good luck.

ONLY US CITIZENS

We are seeking a highly skilled and experienced Senior Web Application Penetration Tester to join our dynamic team in our Charlotte, NC office. As a Senior Penetration Tester, you will be responsible for identifying and exploiting vulnerabilities in web applications, conducting thorough security assessments, and providing actionable recommendations to enhance our clients' security posture.

Key Responsibilities:

- comprehensive penetration tests on web applications to identify security vulnerabilities, including but not limited to injection flaws, authentication and session management weaknesses, cross-site scripting (XSS), and insecure direct object references.
- both manual and automated techniques to discover, exploit, and mitigate security vulnerabilities.
- with cross-functional teams to prioritize and remediate identified vulnerabilities based on risk assessment.
- detailed reports documenting findings, including clear and actionable recommendations for remediation.
- up-to-date with the latest cybersecurity threats, vulnerabilities, and mitigation techniques, and actively contribute to the team's knowledge base.
- mentorship and guidance to junior team members, fostering their professional development in the field of web application security.
- as a subject matter expert in web application security, providing guidance and support to both technical and non-technical stakeholders.

Requirements:

- degree in Computer Science, Information Security, or related field. Equivalent work experience may be considered.
- of 5 years of experience in web application penetration testing.
- in using industry-standard penetration testing tools such as Burp Suite, OWASP ZAP, and Metasploit.
- knowledge of web application security vulnerabilities and exploitation techniques, including OWASP Top 10.
- understanding of web technologies such as HTML, JavaScript, CSS, and server-side scripting languages (e.g., PHP, Python, ).
- with various operating systems, including Windows, Linux, and Unix.
- communication skills, with the ability to effectively convey technical information to both technical and non-technical stakeholders.
- or more relevant certifications such as:
  - Offensive Security Certified Professional (OSCP)
  - Certified Information Systems Security Professional (CISSP)
  - Certified Ethical Hacker (CEH)
  - GIAC Web Application Penetration Tester (GWAPT)
  - EC-Council Certified Security Analyst (ECSA)
- be a US Citizen.

Preferred Qualifications:

- with cloud platforms such as AWS, Azure, or Google Cloud Platform.
- with DevOps principles and practices.
- with mobile application security testing.
- of secure coding practices and static code analysis tools.