Senior Offensive Security Vulnerability Analyst

• Perform manual analysis on potential open-source malware against NPM packages
• Act as a subject matter expert in offensive information security performing dynamic and manual security assessments on web technologies
• Drive remediation by outlining a defense-in-depth approach to business stakeholders
• Provide strategic solutions to developers on effective preventive and detective security controls
• Report and articulate the vulnerability assessment results to any audience
• Contribute to the review of internal processes and identify opportunities for improvement and automation

• Analyze NPM Packages for malware
• Experienced application penetration tester
• Experience in using application security tools such as BurpSuite, Nessus, AppScan, etc
• Must have or be willing to obtain Industry-accredited security certifications such as: BSCP, GWAPT, GPEN, OSCP, OSWE, CISSP, or other related certifications
• Strong technical writing and presentation skills
• Development and security background with knowledge of open-source dependencies, secure API architecture, and application penetration testing focusing on Artificial Intelligence solutions

Experience in developing custom security scripts for offensive security tooling and/or CI/CD tooling for shifting security testing earlier within the SDLC

• Medical, dental & vision coverage
• 401(k)
• Life, accident, and disability insurance
• Wellness programs
• Paid time off packages including vacation, sick leave, and paid holidays