Web Application Security Assessor

Job description

Responsibilities We are seeking a highly skilled and innovative Web Application Security Assessor to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities: - Lead defensive web application assessments: plan and execute comprehensive evaluations of enterprise web services from discovery through remediation validation. - Perform advanced manual testing to validate complex findings (SQL injection, XSS, authentication/authorization flaws, access control issues) beyond automated scans. - Triage scan outputs, rule out false positives, and prioritize findings by exploitability, impact, and mission risk. - Provide authoritative remediation guidance: explain root causes, recommend mitigations, and advise secure coding/configuration practices to development and operations teams. - Coordinate assessment lifecycles with system owners, developers, QA, and cybersecurity stakeholders; validate fixes and retest to confirm closure. - Analyze enterprise vulnerability trends to identify systemic weaknesses and recommend defensive improvements. - Produce detailed technical reports, evidence bundles, and executive summaries to support risk management, compliance, a...