At a Glance
- Tasks: Conduct security testing on web and Flutter mobile applications, identifying vulnerabilities and documenting findings.
- Company: Join a dynamic team focused on enhancing application security in a fully remote environment.
- Benefits: Enjoy flexible working hours and competitive pay while working on exciting projects.
- Why this job: Perfect for tech-savvy individuals passionate about security and looking to make an impact remotely.
- Qualifications: 4-6 years in application security testing with a strong focus on Flutter; certifications are a plus.
- Other info: This is a freelance role with sporadic hours, ideal for those seeking flexibility.
We are looking for an experienced Application Security Analyst to join us on a freelance basis, supporting security testing across both web and mobile applications, with a strong emphasis on Flutter-based mobile apps. This is a non-exploit role, focused on identifying vulnerabilities and security weaknesses—not active exploitation or red teaming.
The role is fully remote and well-suited for professionals who are comfortable working independently on a long-term, as-needed basis. Hours will vary with workload, so flexibility and the ability to work asynchronously are key.
Key Responsibilities:
- Conduct manual and tool-assisted penetration testing of web and mobile (Flutter) applications
- Identify vulnerabilities related to authentication, authorization, session handling, and insecure storage or communications
- Perform reviews of Dart/Flutter code and assess mobile-specific risks like deep linking, reverse engineering, and tampering
- Analyze APIs and backend integrations for security gaps
- Document findings in detailed, developer-ready reports including impact assessments and remediation guidance
- Collaborate with internal teams to clarify security concerns and verify remediations
- Align all assessments with OWASP Top 10, OWASP MASVS, and secure coding best practices
- Operate in a non-exploitative capacity (no red teaming or social engineering)
- Minimum 4–6 years of experience in application security testing
- Strong background in Flutter security, with hands-on testing of production-grade mobile apps
- Proficiency in tools such as Burp Suite, OWASP ZAP, MobSF, Frida, Postman, Objection, or similar
- Understanding of secure development concepts: input validation, session/token management, certificate pinning, etc.
- Familiarity with mobile and web security standards (OWASP Top 10, MASVS, CVSS, CWE)
- Excellent technical writing and reporting skills
- Certifications like OSCP, eWPT, GMOB, or equivalent are a plus
- Experience working as an external security consultant or independent contractor
- Familiarity with CI/CD security practices and DevSecOps pipelines
- Ability to scope and prioritize assessments autonomously
- Competitive hourly or daily rate
- Flexible working hours
- Project-based workload, long-term commitment
If this position is of interest then please apply and await a call from Dylan. Alternatively please send an email to dylan@evlpc.com with your mobile number and availability for a call.
Mobile Application Penetration Testing Analyst employer: Evolution Project Consulting
Contact Detail:
Evolution Project Consulting Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Mobile Application Penetration Testing Analyst role
✨Tip Number 1
Familiarise yourself with Flutter security best practices and the OWASP Top 10. This knowledge will not only help you in interviews but also demonstrate your commitment to the role and understanding of the specific technologies you'll be working with.
✨Tip Number 2
Network with professionals in the application security field, especially those who focus on mobile applications. Engaging in relevant online communities or forums can provide insights into the latest trends and challenges, which could be beneficial during discussions with us.
✨Tip Number 3
Prepare to discuss your experience with tools like Burp Suite and OWASP ZAP. Be ready to share specific examples of how you've used these tools in past projects, as practical knowledge is highly valued in this role.
✨Tip Number 4
Showcase your ability to work independently by highlighting any previous freelance or remote work experiences. Emphasising your flexibility and self-management skills will align well with our expectations for this position.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in application security testing, particularly with Flutter. Include specific projects or roles where you've conducted penetration testing and mention any relevant tools you've used.
Craft a Strong Cover Letter: In your cover letter, emphasise your understanding of the non-exploit role and your ability to work independently. Mention your familiarity with OWASP standards and how your skills align with the job requirements.
Showcase Technical Skills: Clearly list your technical skills related to mobile application security, such as proficiency in Burp Suite, OWASP ZAP, and Dart/Flutter code reviews. Provide examples of how you've applied these skills in past roles.
Follow Up: After submitting your application through our website, consider sending a follow-up email to express your continued interest in the position. This can help keep you on their radar and show your enthusiasm for the role.
How to prepare for a job interview at Evolution Project Consulting
✨Showcase Your Technical Skills
Be prepared to discuss your experience with Flutter security and application testing tools like Burp Suite and OWASP ZAP. Highlight specific projects where you've identified vulnerabilities and how you approached the testing process.
✨Understand the Role's Focus
Since this position is non-exploitative, emphasise your ability to identify vulnerabilities without active exploitation. Be ready to explain how you align your assessments with OWASP standards and secure coding practices.
✨Demonstrate Flexibility and Independence
As the role requires working independently and flexibly, share examples of how you've successfully managed your time and workload in previous freelance or remote positions. This will show that you're a self-starter who can thrive in an environment with sporadic hours.
✨Prepare for Technical Writing Questions
Since excellent technical writing skills are essential, be ready to discuss how you document findings and create developer-ready reports. You might even want to bring samples of your previous work to demonstrate your reporting style and clarity.