Infosec Security Analyst

Hybrid in Reston, VA, US • Posted 29 days ago • Updated 29 days ago

Full Time

No Travel Required

Able to Sponsor

Hybrid

$70 - $80/hr

Fitment

Dice Job Match Score™

🫥 Flibbertigibetting...

Job Details

Skills

Penetration Testing
web
API
OWASP
secure frameworks
coding patterns
Web Security

Summary

Role: Infosec Security Analyst

Location: Reston, VA (Hybrid)

Job Description
The client is seeking an Application Security Analyst to

• Perform Comprehensive Security Assessments

Conduct manual application security assessments leveraging both Secure Code Reviews and Application Penetration Testing methodologies to identify vulnerabilities across web, API, and backend components.

• Deep Understanding of Application Security Risks

Demonstrate strong knowledge of a broad range of application security issues, including common vulnerability classes, exploitation techniques, mitigation strategies, and industry-standard security controls (OWASP, secure frameworks, coding patterns).

• Proficiency With Web Security Testing Tools

Utilize industry-standard tools such as Burp Suite, OWASP ZAP, and other proxy, fuzzing, and scanning utilities to execute effective penetration testing and validation activities.

• Source Code Review Expertise

Perform in-depth manual code reviews in one or more programming languages, with the ability to identify insecure coding practices and provide guidance aligned with secure coding best practices.

• Risk Evaluation & Communication

Accurately determine the severity and risk of identified vulnerabilities by assessing exploitability, impact, and relevant business context; clearly communicate this risk to technical and non technical stakeholders.

• High-Quality Assessment Deliverables

Produce well-structured assessment reports documenting:

o Technical testing approach and scope

o Vulnerability details and evidence

o Root cause and business impact

o Practical, prioritized, and realistic remediation strategies

• Software Development Experience (Preferred)

Previous experience in software development or familiarity with modern application architectures is a plus, enabling more effective collaboration with engineering teams.

• Strong Communication & Collaboration Skills

Communicate complex security concepts clearly and professionally, both verbally and in writing, and collaborate effectively with developers, architects, and product teams.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 91124313
Position Id: 8873957
Posted 29 days ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

SECURITY ANALYST (INFOSEC - LEVEL IV)

Virginia Beach, Virginia

•

Today

Job Summary: Serve as a Senior Information Security Analyst Alternate ISSM with responsibility of developing maintaining and supporting NEXCOMs Information Assurance program and associated security controls within the NEXCOM Enterprise environment. Perform security assessments and associated reports. Maintain the NEXCOM IAVM program. Maintain compliance with current DoD DON cybersecurity policy. Processes and reviews of System Security Reviews SSR. Maintain DIACAPRMF accreditations for existing

Easy Apply

Full-time

Depends on Experience

Senior Penetration Tester

Washington, District of Columbia

•

Today

Job Description Drive the security of critical banking applications and platforms through hands-on offensive testing. As an Assessments & Exercises Vice President in the Cybersecurity and Technology Controls organization, you will play a key role in safeguarding the firm's most vital assets. Your primary responsibility will be to plan, execute, and report on penetration tests targeting high-impact applications, platforms, and services. Leveraging industry-standard methodologies and advanced tech

Full-time

Application Security Engineer

Tysons, Virginia

•

Today

Description: Hybrid 3 days onsite in Tysons Corner, VA A private, non-governmental entity that functions as a self-regulatory organization, responsible for oversight, enforcement, and dispute resolution within the securities industry, following the consolidation of earlier regulatory organizations. The organization is currently seeking an Application Security Engineer to support its technology and security initiatives. We can facilitate w2 and corp-to-corp consultants. For our w2 consultants,

Contract

Sr. Application Security Engineer - Tysons, VA

Tysons, Virginia

•

Today

Software Guidance & Assistance, Inc., (SGA), is searching for an Sr. Application Security Engineer for a Contract assignment with one of our premier Regulatory clients in Tysons, VA The main function of senior application security engineer is to plan, coordinate and implement application security practices in each phase of software development life cycle though testing, remediation support, tool evaluation, etc. This role involves in evaluating security vulnerabilities, security tools, imp

Contract

USD 75.00 - 82.00 per hour

Search all similar jobs