Enable job alerts via email!

Mobile Application Penetration Testing Analyst

JR United Kingdom

Nottingham

Remote

GBP 80,000 - 100,000

Part time

3 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading company seeks an experienced Application Security Analyst for freelance, long-term work. The role involves penetration testing for web and Flutter mobile applications, focusing on identifying vulnerabilities without exploitation. Flexibility to work independently is essential, and competitive compensation is offered.

Qualifications

4-6 years of experience in application security testing.
Strong background in Flutter security.
Experience as an external security consultant or independent contractor.

Responsibilities

Conduct manual and tool-assisted penetration testing of web and mobile (Flutter) applications.
Document findings in detailed, developer-ready reports.
Align assessments with OWASP Top 10 and secure coding best practices.

Skills

Application Security Testing

Flutter Security

Technical Writing

Education

Certifications like OSCP, eWPT, GMOB

Tools

Burp Suite

OWASP ZAP

MobSF

Frida

Postman

Social network you want to login/join with:

col-narrow-left

Client:

Evolution Project Consulting

Location:

nottingham, United Kingdom

Job Category:

Other

EU work permit required:

Yes

col-narrow-right

Job Views:

Posted:

06.06.2025

Expiry Date:

21.07.2025

col-wide

Job Description:

Job Title

Job Type:

Contract / Freelance

Long-Term Engagement (Part-Time, Sporadic Hours)

Fully Remote

About the Role:

We are looking for an experienced Application Security Analyst to join us on a freelance basis, supporting security testing across both web and mobile applications, with a strong emphasis on Flutter-based mobile apps. This is a non-exploit role, focused on identifying vulnerabilities and security weaknesses—not active exploitation or red teaming.

The role is fully remote and well-suited for professionals who are comfortable working independently on a long-term, as-needed basis. Hours will vary with workload, so flexibility and the ability to work asynchronously are key.

Key Responsibilities:

Conduct manual and tool-assisted penetration testing of web and mobile (Flutter) applications
Identify vulnerabilities related to authentication, authorization, session handling, and insecure storage or communications
Perform reviews of Dart/Flutter code and assess mobile-specific risks like deep linking, reverse engineering, and tampering
Analyze APIs and backend integrations for security gaps
Document findings in detailed, developer-ready reports including impact assessments and remediation guidance
Collaborate with internal teams to clarify security concerns and verify remediations
Align all assessments with OWASP Top 10, OWASP MASVS, and secure coding best practices
Operate in a non-exploitative capacity (no red teaming or social engineering)

Required Experience and Skills:

Minimum 4–6 years of experience in application security testing
Strong background in Flutter security, with hands-on testing of production-grade mobile apps
Proficiency in tools such as Burp Suite, OWASP ZAP, MobSF, Frida, Postman, Objection, or similar
Familiarity with mobile and web security standards (OWASP Top 10, MASVS, CVSS, CWE)
Excellent technical writing and reporting skills
Certifications like OSCP, eWPT, GMOB, or equivalent are a plus
Experience working as an external security consultant or independent contractor
Familiarity with CI/CD security practices and DevSecOps pipelines
Ability to scope and prioritize assessments autonomously

Compensation and Workload:

Competitive hourly or daily rate
Project-based workload, long-term commitment

If this position is of interest then please apply and await a call from Dylan. Alternatively please send an email to [emailprotected] with your mobile number and availability for a call.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.