Application Pen Testing Lead
Whether you’re an experienced professional or just getting started, your contributions matter at Fortra. If you’re passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more!
Fortra is looking for a seasoned Application Security Testing Lead to join our growing Solution Security team and spearhead our testing initiatives. This role involves leading a team of security testers, collaborating with development and DevOps teams, and ensuring that our applications are secure by design and resilient against modern threats.WHAT YOU'LL DO
- Lead and mentor a team of application security testers and analysts.
- Plan, schedule, execute, and oversee security testing activities including static (SAST), dynamic (DAST), and interactive (IAST) testing.
- Perform manual and automated penetration testing of web, mobile, and API-based applications both on-premises and cloud-hosted
- Review code and architecture for security vulnerabilities and provide actionable remediation guidance.
- Develop and maintain threat models and security test plans.
- Track and report on security vulnerabilities, trends, and remediation progress.
- Stay current with emerging threats, vulnerabilities, and security technologies.
QUALIFICATIONS
- 5+ years of experience in application security testing, with at least 2 years in a leadership role.
- Deep understanding of OWASP Top 10, SANS CWE Top 25, and secure coding practices.
- Hands-on experience with tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode, or similar. Prefer strong Burp Suite experience.
- Familiarity with scripting and coding languages and secure DevOps practices.
- Experience with cloud-native applications and container security is a plus.
Preferred Certifications:
- OSCP, GWAPT, or similar offensive security certifications
- CSSLP, CEH, or other relevant security credentials
At Fortra, we’re breaking the attack chain. Ready to join us? Visit our website to learn more about why employees choose to work for Fortra. Remember to connect with us on LinkedIn.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, veteran or disability status.
apply to this job