Web Application Security Assessor

We are seeking a highly skilled and innovative Web Application Security Assessor to join our team in the greater DMV area supporting the Army National Guard.

Responsibilities

• Lead defensive web application assessments: plan and execute comprehensive evaluations of enterprise web services from discovery through remediation validation.
• Perform advanced manual testing to validate complex findings (SQL injection XSS authentication/authorization flaws access control issues) beyond automated scans.
• Triage scan outputs rule out false positives and prioritize findings by exploitability impact and mission risk.
• Provide authoritative remediation guidance: explain root causes recommend mitigations and advise secure coding/configuration practices to development and operations teams.
• Coordinate assessment lifecycles with system owners developers QA and cybersecurity stakeholders; validate fixes and retest to confirm closure.
• Analyze enterprise vulnerability trends to identify systemic weaknesses and recommend defensive improvements.
• Produce detailed technical reports evidence bundles and executive summaries to support risk management compliance and continuous improvement.
• Contribute detection/usecase inputs to detection engineering and SOC teams to improve monitoring of web threats.

#ENOCS

Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Masters degree or Ph.D. in Computer Science Cybersecurity Data Science Information Systems Information Technology Software Engineering or a related field; OR
  • Relevant DoD/military training (documented advanced application security or offensive security coursework); OR
  • Relevant professional certification or equivalent experience (examples: CISSPISSEP; ISC2 CSSLP; GIAC GWAPT).

• Required experience and skills:

  • Web application security penetration testing or secure development experience with at least 3 years performing advanced web assessments.
  • Expert knowledge of web vulnerabilities (OWASP Top 10) manual testing techniques authenticated testing and exploit validation.
  • Handson experience with web testing tools (Burp Suite ZAP) code review for security and methods for secure remediation and mitigation.
  • Ability to produce reproducible test evidence technical remediation guidance and executivelevel risk summaries.
  • Experience coordinating assessments in production/staging environments and validating fixes under change control.

• Desired:

  • Prior DoD/ARNG web security assessment or application security program experience.
  • Experience integrating findings into detection engineering WAF tuning CI/CD security gates and developer training programs.

#ENOCS

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.