About the Role:

The Senior Application Security Consultant will make a significant contribution to the success of Certus Cybersecurity by integrating security into the software development lifecycle of the company’s enterprise clients. You will help enterprise clients secure their products through development, design, and testing phases. You will be a trusted advisor to product development teams on defense and remediation, executing architectural reviews, security code reviews, penetration testing and crafting fixes for security defects impacting legacy and emerging technologies.

This position reports to the company’s Principal Security Architect and collaborates with a cross-functional team of experienced security consultants. 

Your working knowledge of current threats and counter measures encountered in the application security arena, paired with support from other experts at Certus Cybersecurity, will enable support for the company’s clients, assessing and remediating a diverse range of security issues.

Job Requirements

• In-depth knowledge of testing methodologies and when to creatively deviate from structured processes.


• Deep understanding of a broad range of application security issues as well as their mitigation strategies.


• Understanding of complex vulnerabilities including cryptographic implementations and protection mechanism bypasses.


• Experience with reviewing source code written in a broad range of programming languages.


• Proficiency in Information Security tools and an ability to write code to solve problems during testing.


• Understanding of reverse engineering concepts as well as tools involved such as debuggers, disassemblers, and operating system monitoring utilities.

Knowledge, Skills, & Abilities

• Understanding and working knowledge of Architecture Review, Application Threat Modeling, Code Review and Penetration Testing is strongly preferred.


• Verbal communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible information to be consumed by anyone from technical resources to the highest level of management.


• Personal drive and passion to not only continue growing yourself but also the Application Security practice.


• Working knowledge of modern web service hosting technologies, development languages and frameworks.


• Ability to kickoff and conduct research projects is strongly preferred.

Preferred Qualifications:

• Experience in independently executing or leading application security assessments.


• Experience with penetration testing for thick clients, mobile, IoT devices and backend services.


• Reverse-engineering experience (IDA Pro, (link removed) disassembly, process monitoring, etc.).


• Experience building or supporting an organization’s software security program.


• Experience quickly learning and using new technologies and frameworks, implementing them in your work, and training others to use them.

Certus Cybersecurity is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.