Application Security Consultant

About the role

As an Application Security Consultant (Penetration Testing), you will make an impact by conducting hands‑on manual penetration testing across web, mobile, and API applications to strengthen the security posture of our client environments. You will be a valued member of our Application Security team and will work collaboratively with security SMEs, engineering teams, and development partners.

• Perform in‑depth manual penetration testing of web, mobile, and API applications.
• Execute static, dynamic, and manual testing using a mature App Sec toolset.
• Identify, validate, and document security vulnerabilities with clear remediation guidance.
• Collaborate with engineering and development teams to review secure coding practices and strengthen application security controls.
• Utilize industry‑standard tools—including Burp Suite, Snyk, Sysdig, and Stack Hawk—to carry out security assessments efficiently.

We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role’s business requirements, this is a hybrid position requiring 2-3 days a week at a client’s of Cognizant's office in San Jose, California
. Regardless of your working arrangement, we are here to support a healthy work‑life balance through our various wellbeing programs.

The working arrangements for this role are accurate as of the date of posting and may change based on business and client needs.

• 7+ years of experience in Application Security, with a strong focus on manual penetration testing
  .
• Expertise testing web, mobile, and API applications.
• Strong proficiency with Burp Suite (mandatory).
• Experience with modern App Sec tools, including:
  • Snyk (SAST, SCA)
  • Sysdig (Container Security)
  • Stack Hawk (DAST)
• Hands‑on experience conducting static, dynamic, and manual testing
  , with manual testing as your strongest competency.
• Ability to break down complex vulnerabilities and communicate findings to technical and non‑technical stakeholders.

• Experience performing secure code reviews in addition to penetration testing.
• Strong understanding of secure development practices and Dev Sec Ops  principles.
• Industry certifications in App Sec or penetration testing (e.g., OSCP, OSWE, GWAPT, GPEN, eWPT).
• Experience working in agile or Dev Sec Ops  environments.

We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.

Applications will be accepted until March 15, 2026.

The annual salary for this position is between $ 114,000 - $ 130,000 depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan

Disclaimer:
The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.