
Senior Web and Mobile Application Penetration Tester

Job in New Gloucester, Cumberland County, Maine, 04260, USA
Listing for: Deer Brook Consulting, Inc.
Full Time position
Listed on 2025-11-27
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
Location: New Gloucester
Senior Web and Mobile Application Penetration Tester

Full-Time or Contract

New Gloucester, ME, Remote, or Hybrid

About the Role

We are seeking an experienced and highly skilled Web and Mobile Application Penetration Tester to join our cybersecurity team.

In this role, you will be responsible for conducting advanced security assessments of web and mobile applications, identifying vulnerabilities, and providing actionable remediation guidance to clients.

What You'll Do

Perform manual and automated penetration tests on web and mobile (iOS/Android) applications.

Identify, exploit, and document vulnerabilities in line with OWASP Top 10, OWASP MASVS, and other relevant security standards.

Simulate real-world attacks to assess application and API security posture.

Produce detailed and executive-level reports with clear risk ratings and remediation steps for clients.

Validate fixes for previously identified vulnerabilities and perform regression testing for related issues.

Stay current on the latest attack techniques, vulnerabilities, and industry trends.

What We're Looking For

3–5+ years of hands-on experience in penetration testing, with a strong focus on web and mobile applications.

Expertise in OWASP Top 10, OWASP MASVS, and common API vulnerabilities.

Proficient in tools such as Burp Suite, OWASP ZAP, MobSF, Postman, and others.

Experience in reverse engineering mobile applications, including analyzing APKs/IPAs and bypassing root/jailbreak detection.

Solid understanding of authentication mechanisms (OAuth2, JWT, SSO), session management, encryption, and secure coding practices.

Familiarity with CI/CD pipelines and integration of security testing tools.

Strong report writing skills, with the ability to communicate technical details clearly to both technical and non-technical audiences.

Preferred Qualifications

Certifications such as OSCP, OSEP, OSWA, OSWE, HTB CWES, GMOB, or GWAPT.

Experience testing and remediating a variety of web/mobile application stacks.

Experience testing cloud security (AWS, GCP, or Azure).

Experience with scripting and automation (PowerShell, Bash, Python).

Understanding of regulatory and compliance requirements (PCI-DSS, HIPAA, GDPR, etc.).

Why Join Us?

We offer a competitive salary, plus performance bonuses.

Our work arrangements are flexible and a blend of remote and hybrid.

We set aside a budget for learning & development, allowing you opportunities to earn certifications and undergo additional training.

We pride ourselves on our collaborative and security-first culture.

You will have an exciting opportunity to work on cutting-edge technology stacks and security challenges.

Position Requirements
10+ Years work experience