Portswigger Jobs (NOW HIRING)

You have notable achievements in CTFs (CCDC, CPTC) or on testing platforms like Hack The Box, TryHackMe, or PortSwigger. * The "Plus One" Edge: You go beyond the basics with verifiable contributions ...

AppSec Engineer

$60.25 - $80.25/hr

Claude Code, GitHub Co-Pilot etc • Portswigger Burp or similar Preferred: • Certifications such as Offsec OSCP & AWAE, GIAC, Burp Practitioner, PJPT, Microsoft/AWS development and cloud related ...

Senior Security Engineer

Chicago, IL

$118K - $161K/yr

Portswigger Burp or similar * Certifications such as Offsec OSCP & AWAE, GIAC, Burp Practitioner, PJPT, Microsoft/AWS development and cloud related are nice to have * Experience with securing AI ...

Portswigger information

What is the difference between Portswigger and a Burp Suite Analyst?

Aspect | Portswigger | Burp Suite Analyst
Credentials | Typically no formal certification required, but knowledge of web security is essential | Often requires familiarity with Burp Suite tools and security certifications
Work Environment | Cybersecurity firms, consulting, or freelance security testing | Security teams, penetration testing firms, or consulting companies
Industry Usage | Develops security testing tools and provides training | Uses Burp Suite tools for vulnerability assessments and security analysis

Portswigger is the company behind Burp Suite, a popular web security testing platform. A Burp Suite Analyst focuses on using Burp Suite tools for security assessments, whereas Portswigger develops and supports these tools. Both roles are integral to web security but differ in responsibilities and focus areas.

Infographic showing various Portswigger job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights a 75% Physical and 25% Remote job distribution.
Senior Security Code Reviewer

Ashburn Consulting

Camp Springs, MD • On-site

$120K - $164K/yr

Other

Posted 11 days ago


Job description

Ashburn is seeking a Senior Security Code Reviewer to support a federal cybersecurity architecture opportunity. This Key Personnel role will lead application security testing, secure code review, DevSecOps pipeline integration, secure development guidance, risk assessments, and cloud/network security evaluation for a proposal opportunity.


Primary Responsibilities 
• Conduct security code reviews and risk assessments for applications and enterprise systems.
• Use application security testing tools to identify vulnerabilities and provide remediation guidance.
• Integrate security testing into DevSecOps and CI/CD pipelines.
• Review application architecture, source code, dependencies, infrastructure-as-code, and deployment practices.
• Support secure coding standards, developer security training, and technical remediation guidance.
• Evaluate and improve cloud, network, and enterprise system security.
• Provide technical writing, reporting, and mentoring to engineering and development teams.
• Support federal cybersecurity compliance objectives and secure development lifecycle requirements.


Qualifications 
Required Qualifications 
• Candidates must be willing and able to work as Ashburn W-2 employees. 1099 and corp-to-corp arrangements are not permitted for these roles.
• DHS EOD / suitability is required.
• 10+ years of experience automating application security scanning processes, Zero Trust integration, and data sanitization for Government or similarly complex enterprise systems.
• Experience deploying and using Application Security Testing platforms such as Checkmarx.
• Experience automating or supporting Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG) solutions.
• Advanced security engineering experience across on-premises and cloud environments.
• Experience implementing AWS security best practices, including VPC Flow Logs, Security Lake, and audit monitoring.
• Experience building EKS clusters using Terraform and Kubernetes.
• Experience creating custom hardened AMI builds.
• Experience integrating network security tools such as Palo Alto, AlgoSec, Gigamon, and Corelight.
• Experience reviewing, evaluating, and improving security of complex systems and networks.
• Experience with vulnerability management, SIEM integrations, certificate management, single sign-on implementations, and federal regulatory compliance.
• Demonstrated ability to lead security code reviews and conduct risk assessments.
• Experience developing OS hardening strategies, evaluating firewall policies, and implementing enterprise infrastructure monitoring solutions.
• Strong technical writing, training, and mentoring skills.
• Ability to mentor development teams in secure coding practices and align technical solutions to Government cybersecurity objectives.


Preferred / Strongly Desired Qualifications 
• Experience with Burp Suite, Checkmarx One, PortSwigger, SonarQube, Fortify, SAST, DAST, SCA, API security testing, or IaC scanning.
• Experience integrating application security testing into CI/CD pipelines.
• Experience with secure coding practices in Java, Python, JavaScript, C#, Ruby, SQL, React, Node.js, PowerShell, Go, or similar languages.
• Experience applying OWASP, NIST, DHS, DevSecOps, and secure software lifecycle practices.
• Secure software certification preferred, such as CSSLP, GIAC secure software credential, EC-Council secure programmer certification, or comparable experience.
• Prior DHS, DOD / DOW or federal application security experience.