At a Glance
- Tasks: Conduct security testing on web and Flutter mobile applications, identifying vulnerabilities.
- Company: Join Evolution Project Consulting, a leader in application security solutions.
- Benefits: Enjoy flexible, fully remote work with competitive pay and project-based workload.
- Why this job: Be part of a crucial role that enhances app security while working independently.
- Qualifications: 4-6 years in application security, strong Flutter knowledge, and proficiency in security tools required.
- Other info: This is a non-exploit role focused on vulnerability identification, not red teaming.
Client: Evolution Project Consulting
Location: Guildford, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Type: Contract / Freelance Long-Term Engagement (Part-Time, Sporadic Hours) Fully Remote
About the Role:
We are looking for an experienced Application Security Analyst to join us on a freelance basis, supporting security testing across both web and mobile applications, with a strong emphasis on Flutter-based mobile apps. This is a non-exploit role, focused on identifying vulnerabilities and security weaknesses—not active exploitation or red teaming. The role is fully remote and well-suited for professionals who are comfortable working independently on a long-term, as-needed basis. Hours will vary with workload, so flexibility and the ability to work asynchronously are key.
Key Responsibilities:
- Conduct manual and tool-assisted penetration testing of web and mobile (Flutter) applications
- Identify vulnerabilities related to authentication, authorization, session handling, and insecure storage or communications
- Perform reviews of Dart/Flutter code and assess mobile-specific risks like deep linking, reverse engineering, and tampering
- Analyze APIs and backend integrations for security gaps
- Document findings in detailed, developer-ready reports including impact assessments and remediation guidance
- Collaborate with internal teams to clarify security concerns and verify remediations
- Align all assessments with OWASP Top 10, OWASP MASVS, and secure coding best practices
- Operate in a non-exploitative capacity (no red teaming or social engineering)
Required Experience and Skills:
- Minimum 4–6 years of experience in application security testing
- Strong background in Flutter security, with hands-on testing of production-grade mobile apps
- Proficiency in tools such as Burp Suite, OWASP ZAP, MobSF, Frida, Postman, Objection, or similar
- Familiarity with mobile and web security standards (OWASP Top 10, MASVS, CVSS, CWE)
- Excellent technical writing and reporting skills
- Certifications like OSCP, eWPT, GMOB, or equivalent are a plus
- Experience working as an external security consultant or independent contractor
- Familiarity with CI/CD security practices and DevSecOps pipelines
- Ability to scope and prioritize assessments autonomously
Compensation and Workload:
- Competitive hourly or daily rate
- Project-based workload, long-term commitment
If this position is of interest, please apply and await a call from Dylan. Alternatively, please send an email to [emailprotected] with your mobile number and availability for a call.
Mobile Application Penetration Testing Analyst employer: JR United Kingdom
Contact Detail:
JR United Kingdom Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Mobile Application Penetration Testing Analyst
✨Tip Number 1
Familiarise yourself with Flutter security practices and the OWASP Top 10. This knowledge will not only help you in interviews but also demonstrate your commitment to the role and understanding of the specific technologies involved.
✨Tip Number 2
Network with professionals in the application security field, especially those who focus on mobile applications. Engaging in relevant online communities or forums can provide insights and potentially lead to referrals.
✨Tip Number 3
Prepare to discuss your experience with tools like Burp Suite and OWASP ZAP during any conversations. Being able to articulate how you've used these tools in past projects will showcase your hands-on expertise.
✨Tip Number 4
Be ready to demonstrate your ability to work independently and manage your time effectively. Since this role is remote and requires flexibility, sharing examples of how you've successfully managed similar situations in the past can set you apart.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in application security testing, particularly with Flutter-based mobile apps. Include specific tools you've used, such as Burp Suite or OWASP ZAP, and any relevant certifications.
Craft a Strong Cover Letter: In your cover letter, emphasise your ability to work independently and your experience with manual and tool-assisted penetration testing. Mention your familiarity with OWASP standards and how you align your assessments with secure coding best practices.
Showcase Technical Writing Skills: Since the role requires documenting findings in detailed reports, include examples of your technical writing in your application. Highlight any previous experience where you provided remediation guidance based on your assessments.
Express Flexibility: Given that the role is part-time and sporadic, make sure to express your flexibility in your application. Mention your ability to work asynchronously and manage varying workloads effectively.
How to prepare for a job interview at JR United Kingdom
✨Showcase Your Technical Skills
Be prepared to discuss your experience with Flutter security and application testing tools like Burp Suite and OWASP ZAP. Highlight specific projects where you've identified vulnerabilities and how you approached the testing process.
✨Understand the Role's Focus
Since this role is non-exploitative, emphasise your ability to identify vulnerabilities without engaging in red teaming. Be ready to explain how you align your assessments with OWASP standards and secure coding practices.
✨Demonstrate Flexibility and Independence
As the position requires working independently and flexibly, share examples of how you've successfully managed your time and workload in previous freelance or remote roles. This will show that you're a self-starter who can thrive in a sporadic hours environment.
✨Prepare for Technical Questions
Expect technical questions related to mobile application security, especially around Flutter. Brush up on common vulnerabilities and be ready to discuss how you would approach assessing APIs and backend integrations for security gaps.