1

Portswigger Jobs (NOW HIRING)

You have notable achievements in CTFs (CCDC, CPTC) or on testing platforms like Hack The Box, TryHackMe, or PortSwigger . * The "Plus One" Edge: You go beyond the basics with verifiable contributions ...

Portswigger information

What is the difference between Portswigger vs Burp Suite Analyst?

AspectPortswiggerBurp Suite Analyst
CredentialsTypically no formal certification required, but knowledge of web security is essentialOften requires familiarity with Burp Suite tools and security certifications
Work EnvironmentCybersecurity firms, consulting, or freelance security testingSecurity teams, penetration testing firms, or consulting companies
Industry UsageDevelops security testing tools and provides trainingUses Burp Suite tools for vulnerability assessments and security analysis

Portswigger is the company behind Burp Suite, a popular web security testing platform. A Burp Suite Analyst focuses on using Burp Suite tools for security assessments, whereas Portswigger develops and supports these tools. Both roles are integral to web security but differ in responsibilities and focus areas.

More about Portswigger jobs
What cities are hiring for Portswigger jobs? Cities with the most Portswigger job openings:
What states have the most Portswigger jobs? States with the most job openings for Portswigger jobs include:
What job categories do people searching Portswigger jobs look for? The top searched job categories for Portswigger jobs are:
Senior Security Code Reviewer

Senior Security Code Reviewer

Ashburn Consulting

Camp Springs, MD

$120K - $164K/yr

Full-time

Posted 5 days ago

Be an early applicant


Job description

Company Description

Ashburn Consulting, LLC, based in the Washington, DC metropolitan area, specializes in providing network and network security solutions in complex environments to a select set of government and business clients. The company, an established leader in its field, is composed of an elite team of engineers and business consultants, each of whom is recognized, and highly regarded, within the network and security communities. 

Job Description

Ashburn is seeking a Senior Security Code Reviewer to support a federal cybersecurity architecture opportunity. This Key Personnel role will lead application security testing, secure code review, DevSecOps pipeline integration, secure development guidance, risk assessments, and cloud/network security evaluation for a proposal opportunity.

Primary Responsibilities

  • Conduct security code reviews and risk assessments for applications and enterprise systems.
  • Use application security testing tools to identify vulnerabilities and provide remediation guidance.
  • Integrate security testing into DevSecOps and CI/CD pipelines.
  • Review application architecture, source code, dependencies, infrastructure-as-code, and deployment practices.
  • Support secure coding standards, developer security training, and technical remediation guidance.
  • Evaluate and improve cloud, network, and enterprise system security.
  • Provide technical writing, reporting, and mentoring to engineering and development teams.
  • Support federal cybersecurity compliance objectives and secure development lifecycle requirements.
Qualifications

Required Qualifications

  • Candidates must be U.S. citizens.
  • Candidates must be willing and able to work as Ashburn W-2 employees. 1099 and corp-to-corp arrangements are not permitted for these roles.
  • DHS EOD / suitability is required.
  • 10+ years of experience automating application security scanning processes, Zero Trust integration, and data sanitization for Government or similarly complex enterprise systems.
  • Experience deploying and using Application Security Testing platforms such as Checkmarx.
  • Experience automating or supporting Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG) solutions.
  • Advanced security engineering experience across on-premises and cloud environments.
  • Experience implementing AWS security best practices, including VPC Flow Logs, Security Lake, and audit monitoring.
  • Experience building EKS clusters using Terraform and Kubernetes.
  • Experience creating custom hardened AMI builds.
  • Experience integrating network security tools such as Palo Alto, AlgoSec, Gigamon, and Corelight.
  • Experience reviewing, evaluating, and improving security of complex systems and networks.
  • Experience with vulnerability management, SIEM integrations, certificate management, single sign-on implementations, and federal regulatory compliance.
  • Demonstrated ability to lead security code reviews and conduct risk assessments.
  • Experience developing OS hardening strategies, evaluating firewall policies, and implementing enterprise infrastructure monitoring solutions.
  • Strong technical writing, training, and mentoring skills.
  • Ability to mentor development teams in secure coding practices and align technical solutions to Government cybersecurity objectives.

Preferred / Strongly Desired Qualifications

  • Experience with Burp Suite, Checkmarx One, PortSwigger, SonarQube, Fortify, SAST, DAST, SCA, API security testing, or IaC scanning.
  • Experience integrating application security testing into CI/CD pipelines.
  • Experience with secure coding practices in Java, Python, JavaScript, C#, Ruby, SQL, React, Node.js, PowerShell, Go, or similar languages.
  • Experience applying OWASP, NIST, DHS, DevSecOps, and secure software lifecycle practices.
  • Secure software certification preferred, such as CSSLP, GIAC secure software credential, EC-Council secure programmer certification, or comparable experience.
  • Prior DHS, DOD / DOW or federal application security experience.

Additional Information

PHYSICAL REQUIREMENTS:
Work is equally performed in the field as well as in a normal office environment. Lifting (up to 50lbs) may be required. Ladder climbing may be required. Driving is required. All duties performed with or without reasonable accommodations.

Additional Information

Equal Opportunity Employer/Veterans/Disabled. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting, please e-mail hr@ashburnconsulting.com.

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting, please e-mail hr@ashburnconsulting.com.