Senior Application Security Consultant

About the Role

We are seeking a highly experienced Application Security Consultant to conduct a comprehensive security review of a web-based application. This is a non-invasive, review-only assignment — no remediation or code modifications are required.

You’ll work independently to assess application code and related configurations, identify any security vulnerabilities, and deliver a detailed, evidence-based security audit report .

Key Responsibilities

Perform static code analysis and security audit of a web application. Identify potential vulnerabilities in logic, data handling, authentication, and access control. Assess the application against OWASP Top 10 and other secure coding standards. Review third-party dependencies for known issues. Produce a professional security report with risk ratings, findings, and recommendations.

Required Skills & Experience

4+ years in Application Security , AppSec consulting , or Secure Code Review roles. Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js). Familiarity with tools like Snyk , Checkmarx , Veracode , or Burp Suite (passive scanning) . Knowledge of OWASP , CWE , and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP , CSSLP , GWAPT , CEH , or equivalent.

Deliverables

One formal written report including: Executive summary for non-technical stakeholders. Technical breakdown of findings with severity and impact. Recommended mitigation guidance (no implementation expected).

Why Join Us?

Remote flexibility No remediation work — fully focused on review and advisory A project with high visibility and real-world impact Prompt onboarding and structured communication

How to Apply

Message us directly or email with your CV, availability, and examples of previous audit/reporting work if available.