Related skills
apis penetration testing threat modeling web security infrastructure securityπ Description
- Perform deep-dive penetration tests on web apps, APIs, and infrastructure to uncover flaws.
- Develop PoC exploits to help engineers visualize and prioritize fixes.
- Partner with developers to provide remediation strategies and re-testing.
- Lead architectural reviews and threat modeling early in the SDLC.
- Build and integrate custom offensive tools and scripts into the development pipeline.
- Stay ahead of the curve by researching emerging attack vectors and techniques.
π― Requirements
- 4+ years of application security testing experience.
- Familiar with OWASP Top 10 and SANS 25; help teams prevent them.
- Certifications such as OSCP/BSCP/OSCE/GPEN/OSWE are beneficial.
- Translate deep technical risks into actionable business insights.
- Curious and driven to build, break, and secure systems used by millions.
π Benefits
- Hybrid work model - onsite + remote, with 25 days/year to work from anywhere.
- Competitive total compensation with stock options.
- OpenUP mental wellbeing support and confidential coaching.
- 3 extra days off in 2026 to rest, reset, and recharge.
- Unlimited Udemy course access for ongoing learning.
- 8 weeks of gender-neutral new parent leave.
Meet JobCopilot: Your Personal AI Job Hunter
Automatically Apply to Engineering Jobs. Just set your
preferences and Job Copilot will do the rest β finding, filtering, and applying while you focus on what matters.
Help us maintain the quality of jobs posted on Empllo!
Is this position not a remote job?
Let us know!