×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Vulnerability Assessment SME

Job in Alexandria, Fairfax County, Virginia, 22350, USA
Listing for: Edgewater Federal Solutions, Inc.
Full Time position
Listed on 2026-01-02
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 130000 USD Yearly USD 100000.00 130000.00 YEAR
Job Description & How to Apply Below

Overview

Edgewater Federal Solutions Sector is seeking a Vulnerability Assessment

SME for the Department of Defense (DoD). The successful candidate will be responsible for ensuring the security of software applications through secure coding practices and code vulnerability assessments. Lead a team of application security specialists, providing guidance on secure coding practices and static/dynamic analysis methodologies. Provide guidance to development teams on secure coding techniques and remediation strategies for identified vulnerabilities. Oversee the execution of application security assessments, including code reviews and vulnerability scans, to identify security flaws in software applications.

Provide actionable recommendations to development teams and stakeholders, based on assessment findings, to improve application security and mitigate identified risks. Develop and maintain application security procedures to promote secure software development practices.
This position requires a current Secret ORTop Secret clearance to be considered

Responsibilities
  • Conduct Code Vulnerability Assessments: Perform rigorous static and dynamic code analysis to identify vulnerabilities in software applications. Utilize tools like SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) to ensure the application’s security posture.
  • Lead and Guide Application Security Teams: Manage and mentor a team of application security specialists, providing technical leadership and guidance on complex vulnerability analyses. Review team findings to ensure accurate results and high-quality deliverables.
  • Promote and Train on Secure Coding Practices: Educate and provide training to development teams on secure coding techniques and common vulnerabilities (e.g., based on OWASP Top Ten, CWE/SANS Top 25). Deliver workshops or guidelines on defensive coding against injection attacks, cross-site scripting (XSS), secure authentication, etc.
  • Oversee Secure Software Assessments: Plan, prioritize, and execute secure software assessments across the software lifecycle, including secure design reviews, code audits, and vulnerability testing. Ensure assessments align with organizational and DoD policies for application security.
  • Provide Vulnerability Remediation Guidance: Offer actionable recommendations to developers, architects, and system owners to remediate identified code vulnerabilities and improve the security of applications. Ensure that all secure recommendations align with development timelines and technical feasibility.
  • Develop and Maintain Security Procedures and Guidelines: Create and update secure software development lifecycle (SDLC) protocols, ensuring they include best practices for vulnerability prevention. Establish a set of repeatable processes for conducting secure software assessments.
  • Collaborate with Development and Stakeholder Teams: Serve as a liaison between security, development, and operations teams, ensuring shared understanding of application security goals and activities. Incorporate security requirements into development workflows and stakeholder requirements.
  • Monitor Application Threats in Real-Time: Implement baseline measures to monitor frameworks, libraries, and third-party software for vulnerabilities or new security threats. Ensure that vulnerabilities associated with third-party code are identified, assessed, and remediated effectively.
  • Assess and Integrate Emerging Tools and Techniques: Evaluate new application security tools, methods, and frameworks for integration into software development environments to enhance security.
  • Perform Reporting and Communication: Develop comprehensive reports to communicate assessment findings, risks, and remediation steps to stakeholders and leadership in a clear and actionable format. Provide periodic updates and performance metrics on application security initiatives to leadership.

Knowledge, Skills, and Abilities

  • Secure Coding Practices and Standards
    :
    Expertise in secure software development methodologies, including OWASP Secure SDLC, OWASP Top 10, and CWE/SANS Top 25 vulnerabilities.
  • Static and Dynamic Application Security Testing…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search