Application Penetration Tester

About Client:
The client has helped several companies build next–generation healthcare products, platforms, and digital health systems that are driving transformative change. With its proven track record in the healthcare and health tech markets combined with its strong understanding of disruptive technologies, it can be the engineering partner that helps you create future–ready solutions that provide you with a competitive edge.
Rate Range: $55–$60/Hr
Job Description:
We are seeking a skilled Application Penetration Tester to join our dynamic team.
As an Application Penetration Tester, you will be responsible for conducting thorough manual assessments of various applications and systems to identify and exploit vulnerabilities.
Your primary focus will be on web applications, internal applications, APIs, internal and external networks, and mobile applications.
Responsibilities:
Perform Manual Application Penetration Test one or more of the following to Client and exploit vulnerability, web Application , internal application , API, Internal and external networks , and mobile application .
Conduct manual penetration tests on a variety of applications and systems including web applications, internal applications, APIs, internal and external networks, and mobile applications.
Identify and exploit vulnerabilities in applications and systems to assess the security posture.
Perform in–depth analysis of vulnerabilities to determine their potential impact and provide recommendations for remediation.
Collaborate with cross–functional teams to ensure comprehensive security testing coverage.
Document findings, including detailed exploit chains and proof–of–concept demonstrations.
Stay up–to–date with the latest security trends, techniques, and tools.
Qualifications:
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
Proven experience in manual Application Penetration testing.
Strong understanding of web application architecture, protocols, and technologies (e.g., HTTP, HTML, JavaScript, AJAX).
Familiarity with various security testing tools such as Burp Suite, Metasploit, Nmap, etc.
Experience with scripting languages such as Python, Perl, or Bash.
Knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and exploitation techniques.
Experience with mobile application security testing is a plus.
Excellent communication skills with the ability to convey technical concepts to both technical and non–technical stakeholders.
Certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or similar are desirable.
About ApTask:
Join ApTask, a global leader in workforce solutions and talent acquisition services, as we shape the future of work. We offer a comprehensive suite of offerings, including staffing and recruitment services, managed services, IT consulting, and project management, providing unparalleled opportunities for professional growth and development. As a member of our dynamic team, you'll have the chance to connect businesses with top–tier professionals, optimize workforce performance, and drive success for our clients across diverse industries. If you are passionate about excellence, collaboration, and innovation, and aspire to make a meaningful impact in the world of work, come join us at ApTask and be a part of our mission to empower organizations to thrive.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
Candidate Data Collection Disclaimer:
At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment.
If you have any concerns or queries about your personal information, please feel free to contact our compliance team at .