Enable job alerts via email!

Mobile Application Penetration Testing Analyst

JR United Kingdom

Basildon

Remote

GBP 60,000 - 80,000

Part time

3 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

Join a leading IT consultancy as an Application Security Analyst, focusing on security testing for web and mobile applications, particularly Flutter-based mobile apps. This freelance role requires expertise in identifying security vulnerabilities without exploitation, ensuring a secure user experience. Flexibility in hours complements a collaborative environment aiming for high security standards.

Qualifications

Minimum 4–6 years of experience in application security testing.
Strong background in Flutter security.
Certifications like OSCP or equivalent are a plus.

Responsibilities

Conduct manual and tool-assisted penetration testing of web and mobile applications.
Identify vulnerabilities related to authentication and insecure storage.
Document findings in detailed, developer-ready reports.

Skills

Application Security Testing

Flutter Security

Technical Writing

Tools

Burp Suite

OWASP ZAP

MobSF

Postman

Social network you want to login/join with:

col-narrow-left

Client:

Evolution Project Consulting

Location:

basildon, United Kingdom

Job Category:

Other

EU work permit required:

Yes

col-narrow-right

Job Views:

Posted:

06.06.2025

Expiry Date:

21.07.2025

col-wide

Job Description:

Job Title

Job Type:

Contract / Freelance

Long-Term Engagement (Part-Time, Sporadic Hours)

Fully Remote

About the Role:

We are looking for an experienced Application Security Analyst to join us on a freelance basis, supporting security testing across both web and mobile applications, with a strong emphasis on Flutter-based mobile apps. This is a non-exploit role, focused on identifying vulnerabilities and security weaknesses—not active exploitation or red teaming.

The role is fully remote and well-suited for professionals who are comfortable working independently on a long-term, as-needed basis. Hours will vary with workload, so flexibility and the ability to work asynchronously are key.

Key Responsibilities:

Conduct manual and tool-assisted penetration testing of web and mobile (Flutter) applications
Identify vulnerabilities related to authentication, authorization, session handling, and insecure storage or communications
Perform reviews of Dart/Flutter code and assess mobile-specific risks like deep linking, reverse engineering, and tampering
Analyze APIs and backend integrations for security gaps
Document findings in detailed, developer-ready reports including impact assessments and remediation guidance
Collaborate with internal teams to clarify security concerns and verify remediations
Align all assessments with OWASP Top 10, OWASP MASVS, and secure coding best practices
Operate in a non-exploitative capacity (no red teaming or social engineering)

Required Experience and Skills:

Minimum 4–6 years of experience in application security testing
Strong background in Flutter security, with hands-on testing of production-grade mobile apps
Proficiency in tools such as Burp Suite, OWASP ZAP, MobSF, Frida, Postman, Objection, or similar
Familiarity with mobile and web security standards (OWASP Top 10, MASVS, CVSS, CWE)
Excellent technical writing and reporting skills
Certifications like OSCP, eWPT, GMOB, or equivalent are a plus
Experience working as an external security consultant or independent contractor
Familiarity with CI/CD security practices and DevSecOps pipelines
Ability to scope and prioritize assessments autonomously

Compensation and Workload:

Competitive hourly or daily rate
Project-based workload, long-term commitment

If this position is of interest then please apply and await a call from Dylan. Alternatively please send an email to [emailprotected] with your mobile number and availability for a call.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.