Web Application Scanning Task Lead
- Electrosoft (Atlanta, GA)
Posted: 03/14/2025
Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel – and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we’ve described you and your dream workplace, please apply and share in the many benefits and opportunities we offer.
Job Overview:
We are seeking a skilled Website Security Analyst to join our team. The primary responsibility of this role is to protect customer organizations' websites, web applications, and online assets from cyber threats, vulnerabilities, and attacks. The ideal candidate will have a strong understanding of web technologies, security protocols, and threat mitigation strategies, ensuring the confidentiality, integrity, and availability of our digital presence.
Key Responsibilities:
+ Conduct regular security scans, penetration tests, and audits of websites and web applications to identify vulnerabilities such as SQL injection, cross-site scripting (XSS), and misconfigurations.
+ Monitor web traffic, logs, and security alerts for suspicious activity, using tools like SIEM systems, firewalls, or intrusion detection systems (IDS).
+ Investigate and respond to security incidents, including malware infections, DDoS attacks, or unauthorized access, and implement remediation steps.
+ Ensure websites are configured securely, including HTTPS enforcement, secure headers, content security policies (CSP), and proper authentication mechanisms.
+ Ensure web platforms comply with relevant security standards and regulations (e.g., GDPR, PCI DSS, HIPAA, or OWASP Top 10 guidelines).
+ Work with developers, IT teams, and third-party vendors to address security gaps, patch vulnerabilities, and implement secure coding practices.
+ Document findings, generate risk assessment reports, and provide actionable recommendations to stakeholders.
+ Maintain and configure security tools such as web application firewalls (WAF), vulnerability scanners (e.g., Nessus, Burp Suite), and monitoring platforms.
+ Train staff on web security best practices and emerging threats, such as phishing or social engineering targeting web systems.
+ Follow the Customer Policy for Software Development Secure Coding Practices and secure coding best practice requirements, as directed by United States Computer Emergency Readiness Team (US-CERT) specified standards and the Open Web Application Security Project (OWASP), that will limit system software vulnerability exploits.
+ Familiarity with scripting languages (e.g., Python, Bash) for automation or analysis.
+ Understanding of secure coding standards and Open Web Application Security Project (OWASP) security practices.
Qualifications:
+ Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
+ 3-5 years of experience in cybersecurity, with a focus on web security, application security, or a related area.
+ Proficiency with web technologies (HTML, CSS, JavaScript, TLS, and HTTP/HTTPS protocols).
+ Experience with security and standard vulnerability scanning tools (web applications, mobile device technologies, and database security).
+ Certifications: Certified Ethical Hacker (CEH), CompTIA Security+, CISSP, OSCP, or GIAC Web Application Penetration Tester (GWAPT).
All qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, national origin, age, citizenship, disability, or Veteran status. Additionally, the company provides reasonable accommodations to qualified individuals with disabilities.