About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
About The Role
We are seeking a highly skilled and innovative Web Application Security Assessor to join our team in the greater DMV area, supporting the Army National Guard.
Responsibilities
- Lead defensive web application assessments: plan and execute comprehensive evaluations of enterprise web services from discovery through remediation validation.
- Perform advanced manual testing to validate complex findings (SQL injection, XSS, authentication/authorization flaws, access control issues) beyond automated scans.
- Triage scan outputs, rule out false positives, and prioritize findings by exploitability, impact, and mission risk.
- Provide authoritative remediation guidance: explain root causes, recommend mitigations, and advise secure coding/configuration practices to development and operations teams.
- Coordinate assessment lifecycles with system owners, developers, QA, and cybersecurity stakeholders; validate fixes and retest to confirm closure.
- Analyze enterprise vulnerability trends to identify systemic weaknesses and recommend defensive improvements.
- Produce detailed technical reports, evidence bundles, and executive summaries to support risk management, compliance, and continuous improvement.
- Contribute detection/use‑case inputs to detection engineering and SOC teams to improve monitoring of web threats.
#ENOCS
Qualifications
Qualifications
- Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
Clearance: Active TS/SCI clearance.
Candidate must meet ONE of the following:
- Master’s degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
- Relevant DoD/military training (documented advanced application security or offensive security coursework); OR
- Relevant professional certification or equivalent experience (examples: CISSP‑ISSEP; ISC2 CSSLP; GIAC GWAPT).
Required experience and skills:
- Web application security, penetration testing, or secure development experience with at least 3 years performing advanced web assessments.
- Expert knowledge of web vulnerabilities (OWASP Top 10), manual testing techniques, authenticated testing, and exploit validation.
- Hands‑on experience with web testing tools (Burp Suite, ZAP), code review for security, and methods for secure remediation and mitigation.
- Ability to produce reproducible test evidence, technical remediation guidance, and executive‑level risk summaries.
- Experience coordinating assessments in production/staging environments and validating fixes under change control.
Desired:
- Prior DoD/ARNG web security assessment or application security program experience.
- Experience integrating findings into detection engineering, WAF tuning, CI/CD security gates, and developer training programs.
#ENOCS
Details
Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Benefits Statement:
Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at <a href="https://www.careers.peraton.com/benefits" target="_blank" rel="noopener">https://www.careers.peraton.com/benefits.
Application Duration Statement:
The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
