BizTech Fusion
BizTech Fusion

HIring - Web Application & Cloud Assessment Lead

Remote • Posted 2 hours ago • Updated 1 hour ago
Contract Independent
Contract W2
Remote
$70 - $80/hr
Company Branding Image
Fitment

Dice Job Match Score™

⭐ Evaluating experience...

Job Details

Skills

  • Senior Web Application Penetration Tester
  • Cloud Security Assessment Lead
  • Application Security Consultant
  • Web Application Security Engineer
  • Offensive Security Engineer
  • Senior Penetration Tester Web Applications
  • Cloud Penetration Tester
  • Application Security Analyst
  • Web Security Consultant
  • Microsoft 365 Security Consultant
  • Azure AD Security Consultant
  • Identity & Cloud Security Engineer
  • SaaS Security Assessor
  • AppSec Consultant
  • Web & Cloud Security Engineer
  • Web Application Penetration Testing
  • Cloud Security Assessment
  • Microsoft 365 Security
  • Google Workspace Security
  • OWASP Top 10
  • OWASP WSTG
  • Application Security Testing
  • Manual Penetration Testing
  • Vulnerability Assessment
  • Security Misconfiguration Analysis
  • Authentication Testing
  • Authorization Testing
  • Identity & Access Management
  • API Security Testing
  • CVSS Scoring
  • Vulnerability Reporting
  • Threat Analysis
  • Risk Assessment
  • Exploit Validation
  • Security Documentation
  • Cloud Configuration Review
  • Data Exposure Analysis
  • Conditional Access Review
  • Privilege Escalation Testing
  • OAuth Security Review
  • SaaS Security Testing
  • Security Compliance Assessment
  • FERPA Security Awareness
  • REST API Testing
  • GraphQL Security Testing
  • Burp Suite Pro
  • Azure AD
  • Microsoft Entra ID
  • Exchange Online
  • Microsoft Teams Security
  • SharePoint Online
  • OneDrive Security
  • Google Workspace Admin Console
  • Google Drive Security
  • Gmail Security
  • Google Classroom Security
  • OAuth Application Review
  • Session Management Testing
  • Cross Site Scripting Testing
  • SQL Injection Testing
  • IDOR Testing
  • Broken Authentication Testing
  • Access Control Testing
  • Security Configuration Review
  • Web Proxy Analysis
  • Cloud Permission Analysis
  • Tenant Security Review
  • Attack Path Analysis
  • Manual Exploitation Techniques
  • Web Traffic Interception
  • Secure Configuration Validation
  • AADInternals
  • ROADtools
  • OWASP ZAP
  • Nmap
  • Nikto
  • Postman
  • Fiddler
  • Wireshark
  • Metasploit
  • Kali Linux
  • Nessus
  • Acunetix
  • Qualys
  • Microsoft 365 Admin Center
  • Azure Portal
  • Microsoft Entra Admin Center
  • Google Admin Console
  • PowerShell
  • Linux
  • REST APIs
  • GraphQL
  • JSON
  • HTTP/HTTPS
  • GWEB
  • OSWE
  • eWPT
  • eWPTX
  • CEH
  • OSCP
  • CompTIA Security+
  • Microsoft Security Certifications
  • K-12 Education Security
  • Government Security Projects
  • Public Sector Cybersecurity
  • Student Information Systems Security
  • Learning Management System Security
  • Cloud SaaS Security
  • Enterprise Application Security

Summary

Hi

Greetings from BizTech Fusion!

BTF is assessing 10 NNPS web applications, school and department websites, and the NNPS cloud environment (Microsoft 365 and Google Workspace, application layer only). Cloud assessment scope was added by Addendum 2 to the base contract pricing and methodology must reflect this expanded scope. This is not a basic scan; NNPS expects manual testing with documented exploitation attempts.

Title: Web Application & Cloud Assessment Lead
Location: Remote (US Region, Eastern Time)
Duration: 12 Month Contract with possible renewal
Tax: W2, 1099

Note: US-based personnel mandatory
Job Description
Responsibilities

  • Conduct manual and automated security assessments of 10 in-scope web applications
  • Assess all public-facing NNPS websites for common vulnerabilities (injection, XSS, broken auth, IDOR, misconfigurations)
  • Perform application-layer security assessment of the Microsoft 365 tenant (Exchange Online, SharePoint, Teams, OneDrive, Azure AD configurations)
  • Perform application-layer security assessment of Google Workspace (Gmail, Drive, Classroom, Admin Console configurations)
  • Test for misconfigurations, over-permissioned accounts, insecure sharing settings, and data exposure risks in both cloud platforms
  • Document all findings with CVSS scores, exploitation evidence, and remediation steps
  • Coordinate with Penetration Testing Lead where web app vulnerabilities intersect with internal network access
  • Contribute to consolidated technical report; write web app and cloud assessment sections

Required Qualifications

  • Minimum 4 years of web application penetration testing experience
  • Burp Suite Pro proficiency must be primary testing tool
  • Demonstrated experience with OWASP Top 10 methodology and WSTG (Web Security Testing Guide)
  • Hands-on experience assessing Microsoft 365 tenants including Azure AD, Conditional Access, Exchange Online, and SharePoint permissions review
  • Hands-on experience assessing Google Workspace Admin Console, sharing configurations, and third-party OAuth app exposure
  • Experience producing web application findings reports with CVSS scores and remediation guidance
  • US-based

Preferred Qualifications

  • GWEB (GIAC Web Application Penetration Tester), OSWE, or eWPT/eWPTX certification
  • Experience with K-12 or government web applications (student portals, SIS, LMS platforms)
  • Familiarity with FERPA data exposure risk in education cloud environments
  • Experience with API security testing (REST/GraphQL)
  • Azure AD / Entra ID attack path experience (AADInternals, ROADtools)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 90833632
  • Position Id: 8963590
  • Posted 2 hours ago

Company Info

About BizTech Fusion

Founded in 2006, BizTech Fusion is a progressive provider of high-end, IT professional services that specializes in—

  • Leading-Edge, Next-Generation Technology Solutions
  • On-premises, Cloud & Hybrid Solutions
  • Unified Communications & Collaboration
  • Messaging & Productivity
  • Infrastructure Modernization, Integration, Design, Optimization, Monitoring, and Support/Management
  • System Architecture and Deployment
  • Program and Project Management
  • Web-based/Mobile Application Design and Development

A minority-owned and privately held Limited Liability Corporation business based in the Washington, D.C. Metropolitan area, BizTech Fusion is dedicated to providing the most result-oriented, client-focused solutions for our public- and private-sector clients worldwide through our offices in Washington, D.C. and Maryland.

  • CBE certified by the DC Department of Small and Local Business Development (LSD45543082018)
  • GSA Schedule 70 Contract Holder (GS-35F-0459Y)
  • Prime Contractor, U.S. Department of Navy Seaport Enhanced IDIQ (Contract #: N00178-11-D-6468)
  • DC Supply Schedule (DCSS) contract for Mission Oriented Business Integrated Services (MOBIS) Temporary Support Services Contract No.: CW40692
  • DC Supply Schedule (DCSS) contract for Mission Oriented Business Integrated Services (MOBIS) Information Technology Equipment and Software Contract No.: CW39742

BizTech Fusion’s team is organized in the following structure:

Strategic Leadership

  • Board of Directors
  • Board of Advisors
  • President & Chief Executive Officer

Tactical

  • Chief Financial Officer
  • Chief Operating Officer
  • Chief Information Officer
  • General Counsel (Legal)

Operational

  • Vice President of Sales & Marketing
  • Vice President of Strategic Markets
  • Vice President of Client Relationship Management
  • Vice President of Human Resources

Line of Business

  • Service Delivery
  • Solution Development
  • Technical Support
  • Talent Acquisition & Staff Augmentation
  • Program & Project Management
Go to company profile
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Hiring - Social Engineering & Physical Security Testing Lead

Remote

Today

Easy Apply

Contract

$70 - $80

Hiring - Penetration Testing Lead

Remote

Today

Easy Apply

Contract

$70 - $80

Search all similar jobs