Search for Senior Application Security Pentester roles in Baltimore, MD, offering remote work options, with a salary range of $115,000 to $165,000, requiring 4-6 years of experience, and focusing on application security.

Okay, I've searched for Senior Application Security Pentester roles in Baltimore, MD that offer remote work options, with a salary range of $115,000 to$ 165,000, requiring 4-6 years of experience, and focusing on application security. I have found 45 positions for you. You can review them now.

Senior Application Security Pentester

Baltimore, MD

Remote

$115000+

$165000-

4 years + Experience

Can you help me to analyze the job description and company culture?

Sure. Here's the analysis:

Job Analysis:

The Senior Application Security Pentester role at Independent Security Evaluators (ISE) is fundamentally about ensuring the security of applications and associated technologies through hands-on assessment and consultative guidance. The primary responsibilities involve acting as a project leader or senior analyst, conducting detailed security assessments across various platforms—web applications, APIs, cloud architectures, and source code analysis. This position requires candidates to not only demonstrate technical prowess but also mentoring abilities, as they will guide junior analysts and collaborate directly with clients to address vulnerabilities and enhance their security practices. Key skills required include advanced knowledge of application and cloud security, familiarity with Unix tools, and the ability to articulate complex security issues clearly through reports and presentations. Candidates will need to be self-motivated problem-solvers, comfortable navigating ambiguous situations and engaging with diverse stakeholders. Success in this role within the first year will likely be measured by the ability to lead successful assessments, mentor team members effectively, and develop strategic recommendations that lead to actionable improvements in clients' security postures.

Company Analysis:

Independent Security Evaluators (ISE) operates within the security consulting industry, mainly focusing on high-value asset protection and software security solutions. This positioning as a specialist firm suggests that the Senior Application Security Pentester will play a crucial role in shaping security assessments that enhance the firm's reputation for thoroughness and expertise. The company promotes a culture of community, flexibility, and personal empowerment, which emphasizes collaboration among smart professionals and encourages creative problem-solving. This culture of engagement means that candidates for this role should expect an environment that values professional growth and knowledge sharing, pivotal for both individual success and collective progress within teams. The role is likely situated as an individual contributor to senior teams, providing significant visibility to leadership as the candidate navigates both technical challenges and client interactions. Moreover, this position aligns strategically with ISE's broader goal of enhancing client security while fostering a learning environment that continuously adapts to emerging threats in the tech landscape.

Mock up some interview questions based on the job description.

Absolutely. Here are some mock interview questions that could come up:

Tell me about a time when you had to mentor someone on a technical topic. How did you approach it?
Can you describe a challenging security assessment you conducted? What were the key findings?
How do you prioritize tasks when working on multiple client assessments simultaneously?
What hands-on experience do you have with application security tools and methodologies, and how have you applied them in your work?
How would you approach conducting a security assessment for a cloud-based application?
What steps would you take to communicate a critical vulnerability to a client who may not be technically savvy?
Imagine you are reviewing a new web application that has a significant increase in user traffic. You find a potential security vulnerability. How would you handle this situation?
Suppose a client is resistant to making necessary changes after your assessment. How would you persuade them to take action?
Why are you interested in working at Independent Security Evaluators specifically?
How do your personal values align with what ISE stands for in terms of community and innovation?
What do you see as the biggest emerging threat in application security today, and how should companies prepare for it?
How do you stay updated on the latest trends and technologies in the application security field?
What questions do you have about the team structure and the types of projects you would be working on?
Can you tell me about a piece of research or a whitepaper you have developed? What was its impact?

Job Details

Overview Company

Senior Application Security Pentester

$115k/y-$165k/y

Independent Security Evaluators

3 days ago

Highlight

RemoteFull-time4+ yearsSenior

Summary

Independent Security Evaluators (ISE) is seeking a Senior Application Security Pentester to join their team remotely. The role involves leading security assessments, mentoring junior analysts, and providing consultative advice to clients.

About the Role

As a Senior Application Security Pentester, you will interface directly as a project lead or senior analyst, mentor junior analysts, perform hands-on security assessments on web apps, mobile apps, networks, cloud architecture, source code, and hardware. You will create comprehensive assessment reports, provide consultative advice to clients, and develop research whitepapers and presentations. You will also have the opportunity to participate in IoT Village.

About You

Required:

4-6+ years in security consulting with a focus on application/software.
Experience with programming and developing exploits.
Familiarity with Unix command line tools and working in CLI environments.
Advanced skillset in web and desktop application security and cloud security and architecture.
Basic skillset in mobile application security.
Background in software vulnerability analysis, code analysis, fuzzing, reverse engineering, cryptographic workflows, and network traffic analysis.
Strong technical writing and oral communication skills.
Public speaking experience.
Desire to make things better and help clients secure their products.

Preferred:

Skillset in IoT hardware security, network security, red teaming, and AI security.
Experience with digital rights management and digital watermarking.
Experience with secure software development.
Familiarity with industry standard security policies (SOC2, OWASP ASVA, GDPR, ISO 27001, PCI, NIST CSF).
Experience assessing generative AI technologies and applications.

Benefits

Work that matters with projects impacting everyday life and wellbeing.
Core values of quality, integrity, dedication, and education.
Flexible schedule and work from home options.
Unlimited vacation.
$0 health premium plan option, including spouse and family.
Opportunities to research and publish, speak at major security events and conferences.
Supportive leadership and peers for growth and mentorship.
Relaxed and fun environment.
Mentorship and accountability for advancement.
Access to paid training, workshops, university courses, certification courses, and paid certifications.

Independent Security Evaluators

Companies come to ISE when they need to find and fix their security vulnerabilities and prove their tech is secure. They also come to ISE when they need help managing the complex and error prone process of managing security assessments.

People come to work at ISE because it’s community, flexibility, and they are empowered to do meaningful work that helps others.

Baltimore, MD