NIH - Application Scanning Analyst in Bethesda, Maryland at cFocus Software Incorporated
Job Function: General Business
Employment Type: Full-Time
cFocus Software Incorporated
Bethesda, Maryland, 20814, United States
Job Description
cFocus Software seeks an Application Scanning Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust clearance or the ability to obtain one.
Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- 5+ years of experience performing application security assessments or web application vulnerability scanning.
- Experience conducting authenticated and unauthenticated web application security testing.
- Experience supporting enterprise vulnerability management programs.
- Experience interpreting application security findings and developing remediation guidance.
- Experience supporting Federal cybersecurity or large enterprise environments.
- Preferred certifications include: GWAPT, GWEB, CSSLP, OSWA, or CEH
Duties:
- Perform authenticated and unauthenticated web application vulnerability scans.
- Conduct application security assessments against internally developed and commercial applications.
- Perform Dynamic Application Security Testing (DAST) and support Static Application Security Testing (SAST) activities.
- Assess APIs, web services, and middleware for security vulnerabilities.
- Conduct application configuration reviews and identify security weaknesses.
- Perform recurring vulnerability scans in accordance with Government-defined schedules.
- Analyze application scan results to identify security vulnerabilities and misconfigurations.
- Validate scan findings to eliminate false positives.
- Prioritize vulnerabilities using risk-based methodologies, including CVSS scoring and exploitability.
- Correlate application vulnerabilities with infrastructure and network risks.
- Identify critical vulnerabilities requiring immediate remediation.
- Perform root cause analysis for recurring application security issues.
- Collaborate with software development teams to improve application security.
- Provide remediation recommendations aligned with secure coding practices.
- Assist developers with vulnerability mitigation strategies.
- Support integration of security scanning into DevSecOps and CI/CD pipelines.
- Recommend application security improvements throughout the software development lifecycle (SDLC).
- Promote secure-by-design principles across NIH application environments.