Senior Penetration Tester (Web Application Security)

Jobs via Dice • United States
Visa Sponsorship
This job is no longer active. This position is no longer accepting applications.
AI Summary

Seeking an experienced Penetration Tester to conduct comprehensive security assessments of enterprise web applications within a regulated financial services environment. This role involves identifying and exploiting vulnerabilities, validating security controls, and providing actionable remediation guidance. The ideal candidate possesses strong hands-on testing skills and excellent communication abilities.

Key Highlights
Contract opportunity with Strategic Staffing Solutions.
W2 Only employment, no C2C.
Visa Sponsorship is available.
Focus on web application security assessments in a regulated financial services environment.
Requires strong technical testing skills and clear communication of risk.
Technical Skills Required
Web Application Penetration Testing, OWASP Top 10, SQL Injection, XSS, CSRF, Authentication Flaws, Business Logic Vulnerabilities, Burp Suite, OWASP ZAP
Benefits & Perks
Contract Length: 6+ Months
Visa Sponsorship Available

Job Description


Dice is the leading career destination for tech experts at every stage of their careers. Our client, Strategic Staffing Solutions, is seeking the following. Apply via Dice today!

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING!

This is a Contract Opportunity with our company that MUST be worked on a W2-only basis. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below.

Beware of scams. S3 never asks for money during its onboarding process.

Job Title: Penetration Tester

Location: Denver, CO, 80237

Onsite Work

Contract Length: 6+ Months

Job ref# 244560

We are seeking an experienced Penetration Tester to conduct comprehensive security assessments of enterprise web applications. This role focuses on identifying exploitable vulnerabilities, validating the effectiveness of existing security controls, and delivering actionable remediation guidance to strengthen the organization's application security posture within a regulated financial services environment.

The ideal candidate combines strong hands-on technical testing skills with the ability to clearly communicate risk to both technical and executive stakeholders.

Scope of Work

  • Perform scoped penetration testing on designated web applications and supporting components.
  • Identify, validate, and exploit vulnerabilities across:
    • Authentication and authorization mechanisms
    • Input validation and data handling
    • Session management
    • API endpoints and third-party integrations
    • Business logic and workflow flaws
  • Assess applications against OWASP Top 10 and other applicable security standards and best practices.
  • Conduct manual penetration testing, supplemented by automated tooling where appropriate.
  • Analyze and prioritize findings based on impact, exploitability, and likelihood, aligned with Western Union risk rating methodologies.
  • Collaborate with application, security, and engineering teams to clarify findings and remediation approaches.

Reporting & Documentation

  • Produce comprehensive penetration testing reports that include:
    • Executive-level summary of risk and exposure
    • Detailed technical findings with clear reproduction steps
    • Proof-of-concept exploits or attack paths
    • Practical, prioritized remediation recommendations
  • Communicate results effectively to both technical and non-technical audiences.

Required Qualifications

  • Proven experience conducting web application penetration testing in enterprise or regulated environments.
  • Strong working knowledge of:
    • OWASP Top 10
    • Common web vulnerabilities (SQL Injection, XSS, CSRF, authentication flaws, etc.)
    • Business logic vulnerabilities, particularly within financial services applications
  • Familiarity with secure coding practices and modern web frameworks.
  • Proficiency with industry-standard penetration testing tools, including:
    • Burp Suite
    • OWASP ZAP
    • Similar web application security testing tools
  • Demonstrated ability to produce clear, actionable security reports tailored to diverse audiences.

Deliverables

  • Formal vulnerability assessment report with severity ratings and risk prioritization
  • Retesting and validation following remediation to confirm closure of identified issues
