Penetration Tester

    Location: Ireland

    Job Type: Contract

    Salary: €55,000 – €70,000/year

    About the job


    We are seeking an Application Security Testing Specialist to support a high-profile
    engagement with a client renowned for their rigorous standards and commitment to quality.
    This role will involve comprehensive end-to-end security testing of applications, using both
    automated and manual techniques across multiple environments.

    Key Responsibilities
    Pre-Testing Activities: Participate in planning sessions and walkthroughs to align on scope, methodology, and expectations.
    Testing Execution
    Application Mapping: Build a detailed functionality map by crawling and exploring both public-facing and authenticated areas of the application. Capture and analyse requests and responses using local proxy tools and network sniffers.
    Automated Scanning: Conduct vulnerability scans using commercial, open-source, and proprietary tools. Validate and refine scan results through manual analysis to eliminate false positives.
    Source Code Review: Perform static code analysis with source code scanning tools to detect security flaws. Apply control flow and dataflow analysis, focusing on common vulnerability areas such as:
    ■ Authentication & Authorisation
    ■ Session & Configuration Management
    ■ Input Validation & Data Handling
    ■ Cryptography & Exception Handling

    Key Skills
    ● Proven expertise in application security testing and secure code review.
    ● Proficiency with vulnerability scanners, static code analysers, and network sniffers.
    ● Strong knowledge of secure coding practices and vulnerability exploitation techniques.
    ● Ability to work effectively with global teams and manage high-stakes client relationships.
    ● Excellent attention to detail, documentation, and communication skills.

    Required Experience
    ● Minimum 3 years’ penetration testing experience.
    ● Hands-on expertise in manual exploitation of vulnerabilities (aligned with OWASP Top Ten).
    ● Strong track record in identifying and exploiting web application and API vulnerabilities, with emphasis on manual testing (90%) supported by automated tools (10%).
