HHS Application Tester

Rockville, MD - USA

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Application Tester to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Information Technology Cybersecurity Computer Science or related field.
Minimum 46 years of experience performing application testing or application security assessments.
Experience testing web applications APIs and cloud-based systems.
Working knowledge of OWASP Top 10 vulnerabilities and secure application design principles.
Experience validating automated vulnerability scan results.
Familiarity with federal vulnerability management and RMF processes.
Strong analytical documentation and communication skills.
Active GTAPT CEH or Security is preferred

Duties:

Perform application security testing including dynamic application security testing (DAST) functional testing and validation testing.
Execute test cases against web applications APIs microservices and cloud-hosted applications.
Identify application-level vulnerabilities including authentication authorization input validation session management and data exposure weaknesses.
Validate findings from automated scanning tools and identify false positives.
Support secure development lifecycle (SDLC) activities by testing applications before release.
Document application vulnerabilities test results and remediation recommendations.
Verify remediation through re-testing and evidence validation.
Support application penetration testing and red team activities as required.
Coordinate testing activities with developers system owners ISSOs and AppSec engineers.
Ensure testing aligns with OWASP Top 10 NIST guidance and HHS security standards.
Maintain application testing SOPs workflows and test scripts.
Support vulnerability management reporting and POA&M evidence development.