1

Oswe Jobs (NOW HIRING)

OSCP, OSWE, GXPN, GPEN, or equivalent * Familiarity with commonly used large-scale service components (webservers, databases, load balancers, caching servers, storage cluster, etc.) Peraton Overview ...

Product Security

Bellevue, WA · On-site

$66 - $88/hr

Preferred : • Offensive security certifications such as Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), or GIAC Web Application Pentester (GWAPT). • AWS ...

Relevant security certifications (e.g., CSSLP, OSWE) * Background in data privacy and compliance regulations relevant to cloud-native applications and AI systems * Experience with GitOps and ...

Cyber Network Operator

Chantilly, VA · On-site

$176K - $282K/yr

OSCP, OSWE, GXPN, GPEN, or equivalent * Familiarity with commonly used large-scale service components (webservers, databases, load balancers, caching servers, storage cluster, etc.) Peraton Overview ...

... OSWA, OSWE, OWSE, OSED, GPEN, GXPN, GWAPT, GMOB, BSCP etc. • Hands on technical experience in web, mobile and infrastructure penetration testing with tools like Burp Suite Pro, SQLMap, Frida ...

OSCP, OSWE, GXPN, GPEN, or equivalent * Familiarity with commonly used large-scale service components (webservers, databases, load balancers, caching servers, storage cluster, etc.) Peraton Overview ...

OSCP, OSCE, or OSWE. * Mobile Security: eCMAP or GMOB. * General/Regulated: CEH, CSSLP, GPEN, GWAPT, or UL 2900 training. CHI: $130,000-$180,000 The expected salary range above is applicable if the ...

next page

Showing results 1-20

OSWE information

See salary details

$73.5K

$137.1K

$186.5K

How much do oswe jobs pay per year?

As of Jul 7, 2026, the average yearly pay for oswe in the United States is $137,131.00, according to ZipRecruiter salary data. Most workers in this role earn between $114,500.00 and $157,000.00 per year, depending on experience, location, and employer.

What is the highest paid cyber security job?

The highest paid cybersecurity roles are often senior positions such as Chief Information Security Officer (CISO) or Security Director, with CISOs earning salaries that can exceed $200,000 annually depending on the organization and location. These roles require extensive experience, leadership skills, and often certifications like CISSP or CISM, overseeing security strategy and risk management at the executive level.

What are the key skills and qualifications needed to thrive in the Oswe position, and why are they important?

To thrive as an OSWE (Offensive Security Web Expert), you need strong expertise in web application security, penetration testing, and vulnerability assessment, usually supported by advanced technical training or industry certifications such as the OSWE. Familiarity with tools like Burp Suite, various proxy tools, scripting languages (such as Python and JavaScript), and security testing platforms is essential. Persistence, analytical thinking, and clear communication skills make a candidate stand out in this security-focused role. These abilities are critical to effectively identifying, reporting, and helping mitigate security weaknesses in web applications, ensuring organizations’ digital safety.

What is an OSWE job?

An OSWE (Offensive Security Web Expert) job involves conducting advanced web application penetration testing to identify security vulnerabilities. Professionals with this certification specialize in exploiting complex web applications, analyzing security risks, and providing remediation guidance. OSWE-certified individuals typically work as penetration testers, security consultants, or ethical hackers, ensuring web applications are secure against real-world attacks.

What types of projects or assessments does an OSWE typically work on?

An OSWE (Offensive Security Web Expert) is primarily engaged in hands-on security assessments of web applications, focusing on identifying and exploiting vulnerabilities through advanced penetration testing techniques. Daily tasks often include reviewing source code, conducting manual and automated testing, and producing detailed vulnerability reports for development teams. OSWE professionals commonly collaborate with software developers, security engineers, and IT managers to remediate discovered issues and improve application security. This role is both challenging and rewarding, offering opportunities to tackle complex security problems and continuously expand technical skillsets through real-world scenario testing.

Can I get a job as an ethical hacker?

Yes, you can pursue a career as an ethical hacker by gaining relevant skills in cybersecurity, programming, and network security. Certifications like Certified Ethical Hacker (CEH) and hands-on experience with security tools are often required to qualify for such roles.

What jobs in the US pay 300,000 a year?

High-paying jobs that can reach or exceed $300,000 annually in the US include roles such as experienced physicians, surgeons, anesthesiologists, and specialized corporate executives like CEOs and investment bankers. These positions often require advanced degrees, extensive experience, and strong skills in leadership, finance, or healthcare. Compensation varies based on industry, location, and individual performance.

What is an OSWE certification?

The OSWE (Offensive Security Web Expert) certification is a professional credential that validates advanced skills in web application security and penetration testing. It requires passing a rigorous practical exam that involves identifying and exploiting vulnerabilities in complex web applications, demonstrating proficiency with tools like Burp Suite and knowledge of secure coding practices.
More about OSWE jobs
What cities are hiring for Oswe jobs? Cities with the most Oswe job openings:
What are the most commonly searched types of Oswe jobs? The most popular types of Oswe jobs are:
What states have the most Oswe jobs? States with the most job openings for Oswe jobs include:
Infographic showing various Oswe job openings in the United States as of July 2026, with employment types broken down into 95% Full Time, 2% Part Time, and 3% Contract. Highlights an 81% Physical, 6% Hybrid, and 13% Remote job distribution, with an average salary of $137,131 per year, or $65.9 per hour.
Web Application Security Engineer (AppSec / DevSecOps)

Web Application Security Engineer (AppSec / DevSecOps)

Essnova Solutions, Inc.

Washington, DC • On-site

$66.50 - $89/hr

Full-time

Posted 15 days ago


Job description

Location: Washington, DC Metropolitan Area (Hybrid)
Employment Type: Full-Time
Clearance: Public Trust (Tier 2) or ability to obtain*
About Essnova Solutions
Essnova Solutions is a growing technology consulting firm delivering innovative IT, cloud, cybersecurity, engineering, and digital transformation solutions to Federal Government clients. We are committed to technical excellence, collaboration, and providing our employees with opportunities to solve complex mission challenges.
Position Summary
Essnova Solutions is seeking an experienced Web Application Security Engineer to support a federal customer by integrating security throughout the software development lifecycle (SDLC) and protecting enterprise web applications and APIs from evolving cyber threats. The ideal candidate has experience with application security, secure software development, vulnerability management, DevSecOps, and federal cybersecurity frameworks.
Key Responsibilities
  • Embed security throughout the Software Development Lifecycle (SDLC).
  • Perform web application vulnerability assessments, penetration support, and threat modeling activities.
  • Identify, prioritize, and remediate application security vulnerabilities.
  • Implement secure coding standards aligned with OWASP Top 10 and industry best practices.
  • Configure and maintain Web Application Firewalls (WAF) and application security controls.
  • Integrate application security tools into CI/CD pipelines and DevSecOps workflows.
  • Monitor application logs and investigate security events affecting web applications and APIs.
  • Collaborate with software developers, DevOps engineers, and cybersecurity teams to improve application security posture.
  • Support compliance with NIST, FISMA, FedRAMP, and other federal cybersecurity standards.
  • Develop security documentation, technical recommendations, and remediation guidance.
Required Qualifications
  • Experience in Application Security (AppSec), Web Application Security, or Product Security.
  • Strong knowledge of secure software development practices and Secure SDLC.
  • Experience performing vulnerability assessments, threat modeling, and application security testing.
  • Knowledge of OWASP Top 10, common web application vulnerabilities, and remediation techniques.
  • Experience implementing or supporting Web Application Firewalls (WAF).
  • Experience integrating security into CI/CD pipelines and DevSecOps environments.
  • Familiarity with federal cybersecurity frameworks including NIST and FedRAMP.
  • Excellent analytical, troubleshooting, and communication skills.
Preferred Qualifications
  • Experience with SAST, DAST, Software Composition Analysis (SCA), or similar application security tools.
  • Experience with secure code reviews and developer security training.
  • Experience supporting cloud-native applications within AWS and/or Microsoft Azure.
  • Experience supporting federal government or highly regulated environments.
  • Relevant security certifications such as:
    • CSSLP
    • OSCP
    • OSWE
    • GWEB
    • CASE
    • Security+
    • GSEC
Clearance
  • Public Trust (Tier 2) clearance or the ability to obtain and maintain one.*
Why Join Essnova?
At Essnova Solutions, you'll join a collaborative team supporting high-impact federal technology initiatives. We invest in our employees by providing opportunities to work with modern cloud technologies, cybersecurity best practices, and mission-critical systems that make a real difference.