Security Testing Lead

Role Overview

• Coordinate and execute dynamic security testing aligned to common attack vectors (OWASP Top 10, SQL Injection, XSS, privilege escalation).
• Manage results from SAST/DAST scans, dependency scanning, and licensing compliance checks; document and track findings to closure.
• Maintain and update security test plans, scenarios, and coverage reporting aligned with program security posture and playbook requirements.
• Support penetration testing activities and validate vulnerability remediation effectiveness.
• Provide consolidated security risk dashboards and reporting to stakeholders; communicate trends and readiness risks.
• Coordinate security testing schedules aligned with program milestones and release readiness evaluations.

Requirements

• 10+ years (5+ years application security testing in DevSecOps environments) (Tricentis Tosca experience preferred
• Security+ CE
• CEH or PenTest+
• CSSLP or CISSP
• Preferred: GIAC GPEN/GWEB (as available)
• Candidate must have active Top Secret Clearance with ability to be cleared to Top Secret/SCI.

Tech Stack

• SQL

Benefits

• Hybrid Work Environment: Work From Home and attend scheduled work sessions near Hanover, MD.
• Travel: Participate in scheduled meetings in and around the DC metropolitan area. Potential travel to locations throughout CONUS.