
Application Security Penetration Tester

100% Remote

Must be able to obtain Public Trust clearance

Required Skills:

  • 3+ years of hands-on application security penetration testing experience using Burp Suite Pro
  • 2+ years of experience related to application security, vulnerability and risk assessments, security policy development and review, general IT and security controls development, compliance readiness (e.g., NIST 800 series, DIACAP, FISMA, FedRAMP, FIPS) and technical security architecture/design/development/implementation
  • At least one recognized security professional certification (CISSP, GWAPT, CEH, LPT, CCSP)
  • Experience with one or more programming languages such as Java, JavaScript, Python or UNIX shell
  • Hands-on experience automating security tools such as OWASP ZAP, Nessus, Fortify, and Sonatype Nexus in Jenkins CI/CD
  • Experience in Secure SDLC, DevSecOps principles and Cloud security best practices

Role Description/Responsibilities:

  • Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, performs software security architecture and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms.
  • Serve as a liaison between development teams and stakeholders to understand and formulate security requirements.
  • Define, maintain, and enforce application security best practices.
  • Good understanding of the OWASP Top 10 and SANS Top 25.
  • Perform security assessments and dependency analysis of third-party libraries.
  • Conduct vulnerability assessment and manual/automated code review of Java and Scala applications.
  • Apply knowledge of web application vulnerabilities to review application source code to find its security vulnerabilities (CSRF, XSS, SQL Injection, Privilege Escalation, etc.) and recommend remediation.
  • Be proficient in static, dynamic and penetration security testing of Web Applications and REST APIs.
  • Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
  • Demonstrate vulnerabilities to application owners and provide mitigation recommendations.
  • Knowledge of Continuous Integration and Continuous Deployment (CI/CD) activities to integrate and automate security tools within DevOps processes.

All candidates should have:

  • Proven ability to work independently and as a team member
  • Strong organizational, attention-to-detail, multi-tasking, and time-management skills
  • Eligibility to receive Federal Public Trust clearance
  • Established residency in the US for at least 3 of the last 5 years.
  • Candidates must be local to the Washington, D.C. Metro/Northern VA area – travel will not be reimbursed.


System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, and MOUNTAIN, LTD., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.

Confirmed 8 hours ago. Posted 30+ days ago.
