Address
Form of workJob Description
Description
Overview:
We are seeking a motivated, career and customer-oriented Web Application Security Assessment (WASA) Analyst interested in joining our Cyber Security Operations Center (CSOC) team in support of the Department of Veterans Affairs (VA).
Responsibilities:
· Perform Security Assessments against Web Applications for vulnerabilities, security misconfigurations, and compliance-related concerns.
· Utilize a variety of industry standard security tools to conduct manual-based Security Assessments.
· Utilize a variety of industry standard security tools to conduct automated scans against Web Applications.
· Review new vulnerabilities as they are published and develop impact assessments.
· Read and test code as related to APIs.
· Determine risk from vulnerabilities based on availability of exploit and potential loss of information and IT services capabilities.
· Produce periodic trending and impact reports.
· Develop new testing programs in support of WASA testing.
· Manage and perform maintenance of backend system softwareManage and maintain Government owned virtual platforms (VM), operating systems, and applications.
· Manage and maintain Government owned or provided virtual environments, operating systems, and applications.
Qualifications
Required Education and Experience:
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Criminology, or similarly relevant field.
- 5+ years of experience
· A successful candidate will have demonstrated expert level experience (5+ years) and knowledge with multiple of the following:
o Support Windows, Unix, and Linux operating systems
o Virtualized Systems
o Automated Web Scanning Tools (DAST)
o Burp Proxy Suite
o Burp Enterprise
o Kali Linux Suite
o Nessus Scanner
o NMAP
o Database Management Systems; SQL, Oracle, Mongo, MySQL
o Web languages and technologies; including but not limited to PHP, Python, JavaScript, Java, Ruby, PERL, ASP, .NET, HTML, CSS, Web API;s, Rust, Web Services
- Candidate must have professional level experience in the following Database Management Systems: SQL, Oracle, Mongo, MySQL
- Candidate must possess professional level experience in the following Web languages and technologies including: PHP, Python, JavaScript, Java, Ruby, PERL, ASP, .NET, HTML, CSS, Web API’s, Rust, Web Services
· Preference given to candidate who possess one of the following certifications:
o C|EH
o PenTest+
Target salary range: $100,001 - $125,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Overview
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective and efficient solutions that are critical to achieving our customers' missions.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.9 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.
