| Need - Cyber Command Application Security Vulnerability Assessment Engineer-Brooklyn, NY at Brooklyn, New York, USA |
| Email: [email protected] |
|
http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=3110405&uid=d9c9ab6b5b8f4e25a6f517c378b98fd8 From: Akankshya Pattanaik, Adventa Tech [email protected] Reply to: [email protected] Job Description - Cyber Command Application Security Vulnerability Assessment Engineer Interview: Teams Location: Brooklyn, NY Duration: 2 Years SCOPE OF SERVICES TASKS: Operate and maintain industry-standard SAST/DAST tooling, including HCL AppScan, Veracode, and Burp Suite, to ensure continuous security coverage. Scope application assessments by identifying all critical components and APIs required to establish a comprehensive security baseline. Configure and fine-tune scan profiles and parameters to eliminate noise, reduce false positives, and ensure repeatable, high-fidelity results. Manage the full lifecycle of authenticated and unauthenticated scans, including the coordination of application profiles, security profiles, and automated schedules. Validate automated scanner findings through manual testing and exploit reproduction to confirm technical impact. Document false positives with detailed root-cause analysis and technical justification for audit trails. Identify recurring vulnerability patterns and systemic architectural weaknesses across application portfolios. Generate defensible vulnerability reports that include step-by-step evidence for engineering teams and high-level summaries for management. Prioritize remediation efforts by correlating technical severity with business criticality and data sensitivity. Partner with development teams to translate complex security findings into clear, actionable technical requirements that can be easily ingested into their remediation workflows. Prescribe specific coding guidance and design-level mitigations to resolve identified vulnerabilities. Implement compensating controls when direct remediation is not technically feasible or requires long-term architectural changes. Lead working sessions and technical walkthroughs to assist developers in accelerating the time-to-fix. Lead structured knowledge transfer sessions to train full-time staff on assessment methodologies and security best practices. MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered Minimum of 12 years of hands-on experience in Application Security, Vulnerability Assessments, or Penetration Testing. Advanced proficiency in applying OWASP Top 10 and NIST 800-53 standards. Practical experience operating and configuring SAST/DAST tools (e.g. AppScan, Veracode, Burp Suite). Proven ability to explain technical vulnerabilities to developers and provide specific, design-level remediation guidance. Proficiency in using CVSS (Common Vulnerability Scoring System) to correlate technical severity with business impact and data sensitivity. DESIRABLE SKILLS/EXPERIENCE: Experience testing cloud-native apps (AWS/Azure/GCP), APIs, and microservices. Strong understanding of Agile/SDLC cycles to effectively coordinate with developers and project managers. Proficiency in manual, deep-dive testing to validate automated findings and identify complex business logic flaws. Background working with large, complex organizations or government/public sector environments. Akankshya Pattanaik Adventa Tech Inc. E-Mail: [email protected] Keywords: New York Need - Cyber Command Application Security Vulnerability Assessment Engineer-Brooklyn, NY [email protected] http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=3110405&uid=d9c9ab6b5b8f4e25a6f517c378b98fd8 |
| [email protected] View All |
| 05:27 AM 05-Feb-26 |