Mobile Application Penetration Testing Analyst

Remote, USA Full-time

Job TitleFreelance Web & Mobile Application Penetration Testing Analyst (Non-Exploit – Flutter Focus)Job Type:Contract / FreelanceLong-Term Engagement (Part-Time, Sporadic Hours)Fully RemoteAbout theRole:We are looking for an experienced Application Security Analyst to join us on a freelance basis, supporting security testing across both web and mobile applications, with a strong emphasis on Flutter-based mobile apps. This is a non-exploit role, focused on identifying vulnerabilities and security weaknesses—not active exploitation or red teaming.The role is fully remote and well-suited for professionals who are comfortable working independently on a long-term, as-needed basis. Hours will vary with workload, so flexibility and the ability to work asynchronously are key. Key Responsibilities:• Conduct manual and tool-assisted penetration testing of web and mobile (Flutter) applications• Identify vulnerabilities related to authentication, authorization, session handling, and insecure storage or communications• Perform reviews of Dart/Flutter code and assess mobile-specific risks like deep linking, reverse engineering, and tampering• Analyze APIs and backend integrations for security gaps• Document findings in detailed, developer-ready reports including impact assessments and remediation guidance• Collaborate with internal teams to clarify security concerns and verify remediations• Align all assessments with OWASP Top 10, OWASP MASVS, and secure coding best practices• Operate in a non-exploitative capacity (no red teaming or social engineering)Required Experience and Skills:• Minimum 4–6 years of experience in application security testing• Strong background in Flutter security, with hands-on testing of production-grade mobile apps• Proficiency in tools such as Burp Suite, OWASP ZAP, MobSF, Frida, Postman, Objection, or similar• Understanding of secure development concepts: input validation, session/token management, certificate pinning, etc.• Familiarity with mobile and web security standards (OWASP Top 10, MASVS, CVSS, CWE)• Excellent technical writing and reporting skills• Certifications like OSCP, eWPT, GMOB, or equivalent are a plusDesirable Skills:• Experience working as an external security consultant or independent contractor• Familiarity with CI/CD security practices and DevSecOps pipelines• Ability to scope and prioritize assessments autonomouslyCompensation and Workload:• Competitive hourly or daily rate• Flexible working hours• Project-based workload, long-term commitmentIf this position is of interest then please apply and await a call from Dylan.Alternatively please send an email to [email protected] with your mobile number and availability for a call. Apply tot his job

Apply Now

Mobile Application Penetration Testing Analyst

Similar Jobs

Analyst, Penetration Testing

Junior Penetration Tester

Cybersecurity Quality Assurance Analyst Independent Verification and Validation (IV&V)

Technical Implementation Project Manager

Experienced Physical Security Program Manager – Information Security Frameworks & Operations at Blithequark

Manager, EMEA Security Program Management

Senior Physical Security Project Manager

Technical Program Manager, Security

Senior Technical Program Manager - Security

Research Lead - Securing Frontier AI

DTICI Snowflake Data engineer T8 @ Daimler Truck

Teleradiologist (Remote) – Late Afternoon & Evening Shift Flexibility

Mid-Sr/ Energy Trading Settlements Analyst/ Renewables - REMOTE

Senior Supply Chain Operations Manager

Manager-Business Development-Sales (Texas - South Dallas)

Entry Level Remote Part Time Focus Group Participant - $300-$750 (multi-session studies) - Now Hiring

Account Manager - Personal Lines job at HUB International in Fairfield, CT

Remote SR Attorney-Employment Law

Machine Learning Researcher | $140/hr

Chief Financial Officer – Modern Office Methods (job id : 1674539981)