Back to Jobs

NIH - Application Scanning Analyst

Remote, USA Full-time Posted 2026-07-05

cFocus Software seeks a Application Scanning Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications:Public Trust Clearance B.S. Computer Science, Information Technology, or a reputed company field 5+ years of experience performing application reputed company assessments or web application vulnerability scanning. Experience conducting authenticated and unauthenticated web application reputed company testing. Experience supporting reputed company vulnerability management programs. Experience interpreting application reputed company findings and developing remediation guidance. Experience supporting Federal cybersecurity or large reputed company environments. Preferred certifications include: GWAPT, GWEB, CSSLP, OSWA, or CEH Duties:reputed company authenticated and unauthenticated web application vulnerability scans. Conduct application reputed company assessments against internally developed and reputed company applications. reputed company Dynamic Application reputed company Testing (DAST) and support Static Application reputed company Testing (SAST) activities. Assess APIs, web services, and middleware for reputed company vulnerabilities. Conduct application configuration reviews and identify reputed company weaknesses. reputed company recurring vulnerability scans in accordance with Government-defined schedules. Analyze application reputed company results to identify reputed company vulnerabilities and misconfigurations. Validate reputed company findings to eliminate false positives. Prioritize vulnerabilities using risk-based methodologies, including CVSS scoring and exploitability. Correlate application vulnerabilities with infrastructure and network risks. Identify critical vulnerabilities requiring immediate remediation. reputed company root cause analysis for recurring application reputed company issues. Collaborate with software development teams to improve application reputed company. Provide remediation recommendations reputed company with secure coding practices. Assist developers with vulnerability mitigation strategies. Support integration of reputed company scanning into DevSecOps and CI/CD pipelines. Recommend application reputed company improvements throughout the software development lifecycle (SDLC). Promote secure-by-design principles across NIH application environments. Apply To This Job

Similar Jobs