Pentest Careers

Application Security

Company
SYSTEM SOFT TECHNOLOGIES LLC
Location
Brooklyn
Region
USA
Posted
2h ago

Job Description

- Audit, analyze, and accredit HRA/DSS/DHS applications being moved in the Data Center Migration.

- Evaluate application vulnerability scan reports; document vulnerabilities and define SLAs for mitigation.

- Assess whether vulnerabilities are within Agency Risk Appetite.

- Communicate/report vulnerability findings to Business Owners and IT Heads.

- Develop application vulnerability mitigation strategy and security controls.

- Evaluate mitigated vulnerabilities with development teams; perform security accreditation for production.

- Enforce Risk Acceptance Letters for apps with unmitigated vulnerabilities (requires Business Owner/IT Head/CISO approval).

Required Skills:

- 8+ yrs Application Security (OWASP, NIST)

- 8+ yrs SSDLC, Threat Modelling, Risk Assessments

- 5+ yrs SAST & DAST scanning

- 8+ yrs DevSecOps/CI-CD (Azure, Jenkins)

- 8+ yrs API Security (OAuth, SAML, SSO); Cloud Security

- 8+ yrs Security Frameworks (NIST, ISO 27001, PCI-DSS, SOC 2, HIPAA, GDPR, FedRAMP, HITRUST)

- 8+ yrs Vulnerability Management & Penetration Testing

- 8+ yrs Incident Response & Security Operations

- Security Tools REQUIRED: Veracode, IBM AppScan, SD Elements, Burp Suite

Required:

Senior-level (8+ yrs). CISSP or CISM certification preferred. Checkmarx, Fortify, Prowler, SonarQube, Snyk experience a plus.

Job History

First seen
2026-04-16 05:53:10
Last verified
2026-04-16 05:53:10
