Job Type: Full Time

Job Category: IT

Job Description

Job Title: Penetration Tester / Application Security Engineer
Location: Mexico
FTE Only

Penetration testing  - Kali Linux, Nessus , Code Review, SAST and DAST

Job Summary

We are looking for a skilled Penetration Tester / Application Security Engineer with strong hands-on experience in Kali Linux, Nessus, code review, SAST, and DAST to identify, analyze, and remediate security vulnerabilities across applications, networks, and systems. The role involves conducting security assessments, penetration testing, and collaborating with development teams to strengthen the overall security posture.

Key Responsibilities

• Perform penetration testing on web applications, APIs, networks, and infrastructure using Kali Linux tools.
• Conduct vulnerability assessments using tools like Nessus and analyze risk levels.
• Perform manual and automated code reviews to identify security flaws and insecure coding practices.
• Execute SAST (Static Application Security Testing) to detect vulnerabilities in source code early in the SDLC.
• Perform DAST (Dynamic Application Security Testing) on running applications to identify runtime vulnerabilities.
• Identify and exploit security weaknesses such as OWASP Top 10 vulnerabilities.
• Document findings, create detailed penetration testing reports, and provide remediation recommendations.
• Work closely with developers, DevOps, and QA teams to fix vulnerabilities and improve secure coding practices.
• Validate fixes through re-testing and regression security testing.
• Support compliance requirements (ISO 27001, SOC 2, PCI-DSS, etc.) where applicable.

Required Skills