Coordinate and execute dynamic security testing aligned to common attack vectors (OWASP Top 10, SQL Injection, XSS, privilege escalation).
Manage results from SAST/DAST scans, dependency scanning, and licensing compliance checks; document and track findings to closure.
Maintain and update security test plans, scenarios, and coverage reporting aligned with program security posture and playbook requirements.
Support penetration testing activities and validate vulnerability remediation effectiveness.
Provide consolidated security risk dashboards and reporting to stakeholders; communicate trends and readiness risks.
Coordinate security testing schedules aligned with program milestones and release readiness evaluations.

Requirements

10+ years (5+ years application security testing in DevSecOps environments) (Tricentis Tosca experience preferred
Security+ CE
CEH or PenTest+
CSSLP or CISSP
**Preferred:** GIAC GPEN/GWEB (as available)
Candidate must have active Top Secret Clearance with ability to be cleared to Top Secret/SCI.

Benefits

Hybrid Work Environment: Work From Home and attend scheduled work sessions near Hanover, MD.
Travel: Participate in scheduled meetings in and around the DC metropolitan area. Potential travel to locations throughout CONUS.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

dynamic security testingSASTDASTdependency scanninglicensing compliance checkspenetration testingvulnerability remediationsecurity test plansOWASP Top 10SQL Injection

Soft Skills

communicationstakeholder managementreportingcoordinationdocumentation

Certifications

Security+ CECEHPenTest+CSSLPCISSPGIAC GPENGIAC GWEB