Penetration Tester Job at Stefanini North America and APAC, Atlanta, GA

  • Stefanini North America and APAC
  • Atlanta, GA

Job Description

Position Summary

As a key member of our Internal Product Security Engineering team, you will lead penetration-testing engagements for high-scale web applications and APIs, validating security controls and uncovering exploitable weaknesses. In parallel, you will conduct structured threat-modeling workshops and security-design reviews for new features and services, managing each engagement from scoping to remediation follow‑up in close partnership with engineering and cross‑functional stakeholders. The insights you provide will drive prompt fixes and shape the organization’s long‑term security roadmap.

Key Responsibilities

Penetration Testing
  • Plan, execute, and document manual and tool‑assisted tests for enterprise‑scale web apps and REST/GraphQL/gRPC APIs.
  • Demonstrate exploitation paths (auth / logic / data exposure) and develop proofs‑of‑concept.
  • Retest remediations and deliver clear, prioritized reports.

Threat Modeling & Security Design Review
  • Facilitate formal and informal Threat Modeling using STRIDE‑like frameworks or Attack‑Tree sessions for new or significantly modified services.
  • Produce risk artefacts, recommend mitigations, and track closure of findings.

Security Engineering & Advocacy
  • Champion secure‑by‑default patterns (least privilege, IaC hardening, SDL best practices) across the SDLC.
  • Contribute to internal security tooling and CI/CD guardrails.

Requirements
  • Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience.
  • 4+ years in product or application security engineering with hands‑on web/API penetration‑testing work.
  • Expertise with a leading pentest platform (Burp Suite Pro, OWASP ZAP, Nuclei, etc.).
  • Scripting/automation ability in Python, Go, or similar; quick at reading unfamiliar codebases.
  • Practical experience with STRIDE or comparable threat‑model frameworks.
  • Familiarity with cloud‑native environments (microservices, Kubernetes, serverless).
  • Communication: Exceptional written and verbal skills for both technical and non‑technical audiences.

Preferred Qualifications
  • Offensive‑security certifications (OSCP, OSWE, OSWA, BSCP).
  • Secure‑coding experience in languages such as: Java, Node.js, C#, Python, or Rust.
  • Experience in security controls for cloud platforms such as AWS, Azure, or Google Cloud.
  • Open‑source contributions, bug‑bounty recognitions, or CTF placements.
  • Exposure to mobile or desktop application security.
  • Knowledge of or interest in AI security controls and testing.

Personal Attributes
  • Maintains professionalism under pressure.
  • Self‑driven and proactive.
  • Thrives on complex challenges.

Seniority level: Mid‑Senior level
Employment type: Contract
Job function: Information Technology

Job Tags

Contract work
