Application Security Testing Lead

Whether you’re an experienced professional or just getting started, your contributions matter at Fortra. If you’re passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more! 

At Fortra, we’re breaking the attack chain. Ready to join us? 

Fortra are looking for a seasoned Application Security Testing Lead to join our growing Solution Security team and spearhead our testing initiatives. This role involves leading a team of security testers, collaborating with development and DevOps teams, and ensuring that our applications are secure by design and resilient against modern threats.

WHAT YOU'LL DO

• Lead and mentor a team of application security testers and analysts.
• Plan, schedule, execute, and oversee security testing activities including static (SAST), dynamic (DAST), and interactive (IAST) testing.
• Perform manual and automated penetration testing of web, mobile, and API-based applications – both on-premises and cloud-hosted
• Review code and architecture for security vulnerabilities and provide actionable remediation guidance.
• Develop and maintain threat models and security test plans.
• Track and report on security vulnerabilities, trends, and remediation progress.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Collaborate with development teams to integrate security testing into CI/CD pipelines.

QUALIFICATIONS

• 5+ years of experience in application security testing, with at least 2 years in a leadership role.
• Deep understanding of OWASP Top 10, SANS CWE Top 25, and secure coding practices.
• Hands-on experience with tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode, or similar. Prefer strong Burp Suite experience.
• Familiarity with scripting and coding languages and secure DevOps practices.
• Experience with cloud-native applications and container security is a plus.

PREFERRED CERTIFICATIONS

• OSCP, GWAPT, or similar offensive security certifications
• CSSLP, CEH, or other relevant security credentials

OTHER SKILLS

• Strong leadership and team collaboration skills
• Cross-functional collaboration and coordination
• Excellent communication and reporting abilities
• Analytical mindset with a detail-oriented approach

3407

Visit our website to learn more about why employees choose to work for Fortra. Remember to connect with us on LinkedIn.

As an EEO/Affirmative Action Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, veteran or disability status.