Senior Application Security Consultant

About the Role

We are seeking a highly experiencedApplication Security Consultantto conduct acomprehensive security reviewof a web-based application. This is anon-invasive, review-only assignment— no remediation or code modifications are required.

You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-basedsecurity audit report.

Key Responsibilities

• Performstatic code analysisand security audit of a web application.
• Identify potential vulnerabilities in logic, data handling, authentication, and access control.
• Assess the application againstOWASP Top 10and other secure coding standards.
• Review third-party dependencies for known issues.
• Produce aprofessional security reportwith risk ratings, findings, and recommendations.

Required Skills & Experience

• 4+ years inApplication Security,AppSec consulting, orSecure Code Reviewroles.
• Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js).
• Familiarity with tools likeSnyk,Checkmarx,Veracode, orBurp Suite (passive scanning).
• Knowledge ofOWASP,CWE, and general secure software development principles.
• Strong technical writing and communication skills.
• Preferred certifications:OSCP,CSSLP,GWAPT,CEH, or equivalent.

Deliverables

• One formal written report including:
• Executive summary for non-technical stakeholders.
• Technical breakdown of findings with severity and impact.
• Recommended mitigation guidance (no implementation expected).

Why Join Us?

• Remote flexibility
• No remediation work — fully focused onreview and advisory
• A project with high visibility and real-world impact
• Prompt onboarding and structured communication

How to Apply

Message us directly or email with your CV, availability, and examples of previous audit/reporting work if available.