TrustedSec is seeking a passionate information security professional to join our Software Security Team. The Application Security Consultant/Penetration Tester will report to the Practice Lead and be responsible for assisting clients in their software security needs, including conducting application security assessments to identify vulnerabilities, deliver clear and actionable findings, and help clients improve their overall security posture. At times, the consultant will also work with other teams within the organization to collaborate on deliverables.
This is both a technical and client-facing role. As such, the candidate should have experience in penetration testing and software development and be capable of building direct client relationships while contributing to TrustedSec’s growing body of security knowledge.
The candidate must be legally authorized to work in the United States. TrustedSec cannot provide sponsorship or consider applicants located outside the United States.
This is a remote position, allowing employees to work from their home residence within the United States. Occasional travel to client sites or industry-related events is required.
Duties/Responsibilities:
- Conduct high-quality software security assessments with limited direct supervision
- Produce clear, technically accurate reports with testing walkthroughs, findings, and actionable recommendations for both technical and executive audiences
- Conduct client meetings, serve as the primary point of contact, and interface directly with clients during engagements
- Serve as a subject matter expert for other consultants/teams, and regularly collaborate on and contribute to the education, skill progression, and success of everyone at TrustedSec
- Maintain and build upon cybersecurity knowledge and skills by attending educational workshops and adopting a curious, continuous learning mindset
- Review publications, write blog posts, and potentially speak at conferences or other events
Minimum Requirements:
- 2+ years' recent experience testing web applications, thick clients, APIs, and web services
- Proficiency in Burp Suite Professional
- 2+ years' recent experience performing both unauthenticated and authenticated application testing
- Advanced knowledge of manual application security testing, penetration testing methodologies, the OWASP Top 10, and the OWASP Testing Guide
- Strong understanding of common security controls and vulnerability testing techniques
- Passion for the Information Security industry, including keeping up to date with current software technologies, platforms, frameworks, and security issues
- Good time management skills and the ability to meet strict deadlines
- Demonstrated analytical and project management skills
- Excellent verbal and written communication skills, including active listening and competence in presenting findings and recommendations to audiences with a range of technical understanding
- Ability to write technical documents with correct spelling, grammar, and punctuation and the ability to distill information for non-technical readers
- Thrive in a fast-paced, collaborative environment
- Ability to take initiative and work independently
Desired Skills/Education/Experience:
- Familiarity with AI/LLMs/frontier models/agentic tools/coding assistants
- Experience in mobile application testing
- Ability to conduct source code reviews in multiple programming languages
- Prior consulting experience
- Industry-recognized security certification(s) such as OSWE, Burp Suite Certified Practitioner, OSCP, etc.
- Programming/software development experience/DBA/sysadmin/etc.
- Experience maintaining high levels of privacy and OpSec for clients, including government agencies
Physical Requirements:
- Prolonged periods of sitting at a desk and working on a computer
- Ability to lift 15 pounds at times
- Travel up to 10% over the course of the calendar year
- Must reside in the United States
Salary Description:
Base compensation typically ranges from $80,000 - $150,000 and is determined by multiple factors such as geographic location, relevant experience, and demonstrated skills. In addition to base pay, we offer a generous paid time off allowance, paid holidays, and a performance pay bonus program.