Key Responsibilities:
* Conduct Application Penetration Testing on APIs, Web, and Mobile applications to identify and validate security vulnerabilities.
* Offer targeted, language-specific guidance to the development community on addressing vulnerabilities.
* Collaborate across teams to reduce application risks and oversee the remediation of security issues.
* Build trust with stakeholders and position yourself as a key resource in remediation efforts.
* Analyse vulnerability data to identify trends and create risk-based action plans for prompt and secure resolution.
* Stay informed on emerging security threats and research the latest trends in application security.
Required Skills/Experience:
* Proven experience in Application Security roles, focusing on Application Penetration Testing and Dynamic Application Security Testing (DAST) for APIs, Web, and Mobile applications.
* Skilled in using the CVSS (Common Vulnerability Scoring System) calculator to evaluate and prioritize risks based on severity and potential impact.
* Hands-on experience with recommending and implementing remediation strategies for vulnerabilities.
* Strong understanding of application-level security risks and methods for testing them.
* Familiar with the OWASP Top 10 and SANS Top 25 vulnerabilities.
* Experience working with tools such as Burp Suite Professional, Jira, and ServiceNow.
* Ability to deliver multiple key tasks efficiently while maintaining high standards of quality.
* Excellent communication skills, capable of explaining vulnerabilities, risks, and remediation plans to both technical and non-technical stakeholders.
* Experience in managing and coordinating tasks across multiple projects.
Preferred Skills/Experience:
* Familiarity with the New Ways of Working (NWOW) framework and Agile methodologies, with a focus on adapting to evolving project needs and fostering continuous improvement.
* Project Management experience is a plus.
* Experience in the financial services industry.