Remote Senior Web Application Security Reviewer

863 IT & Software Developer jobs in the US

Company Size

<50

Company Type

Services

Exp Level

Senior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

- Over 3 years of practical experience in application security - Proven expertise in manual source code analysis - Profound knowledge of authorization models and access control mechanisms - Experience reviewing code in at least one of the following languages: - Node.js (Express/NestJS) - Python (Django/FastAPI) - PHP (Laravel) - Java (Spring) - .NET - Strong grasp of OWASP Top 10 vulnerabilities - Familiarity with risks associated with multi-tenant architecture - Knowledge of secure coding methodologies - Understanding of contemporary API security frameworks - Ability to quickly comprehend and navigate large codebases - Capability to work independently without constant supervision

Technologies

CI/CD

FastAPI

Flow

NestJS

Responsibilities

- Conduct in-depth manual reviews of source code for web applications (both backend and frontend) - Identify and evaluate vulnerabilities, including: - Insecure Direct Object References (IDOR) - Broken access control measures - Privilege escalation issues (horizontal and vertical) - Failures in multi-tenant data isolation - Business logic defects - Authentication and session management problems - Insecure deserialization vulnerabilities - Injection flaws - SSRF, CSRF, and XSS vulnerabilities - Assess API authorization frameworks and middleware controls - Analyze role-based access control (RBAC) implementations - Trace request pathways from controllers to database layers - Recognize insecure object references in REST and GraphQL APIs - Document findings with clear proof-of-concept examples and remediation recommendations - Collaborate with our offensive security team as necessary

Description

At Invadel, we are actively seeking a skilled Web Application Source Code Reviewer to join our project-based contract team. This remote role allows for flexibility, engaging you in specific projects that require thorough source-level security analysis. We focus on genuine vulnerabilities, prioritizing candidates who can identify complex authorization flaws and related issues. Compensation ranges from $74,322.32 to $130,000.00 per year, based on engagement. We value autonomy and expertise, expecting contributors to manage sensitive client code securely and deliver comprehensive documentation. We encourage those with a strong background in application security to apply.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the USSecurity Engineer jobs in the USRemote Security Engineer jobs

You can find Cyber Security Engineer salaries in the United States here.

How many Cyber Security Engineer jobs are in the United States?

Currently, there are 863 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the US a good place for Cyber Security Engineers?

The US is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the United States?

D3 Security Management Systems, LYNKED Inc., Nurse Next Door, Clarence Farm Services Ltd., ManageYOURiD, DataAnnotation, Electronics Renewal LLC among others, are currently hiring for Security roles in the United States.

The company with most openings is Jobot as they are hiring for 151 different Cyber Security Engineer jobs in the United States. They are probably quite committed to find good Cyber Security Engineers.