A major Federal Government agency is seeking multiple Application Security Specialists to uplift capability across application, cloud, and infrastructure environments. This is a contract opportunity.
What you’ll do:
* Conduct penetration testing across web apps, cloud, EUC and custom systems
* Perform threat emulation, threat modelling & control validation
* Produce high‑quality security artefacts, reports & mitigation recommendations
* Run static/dynamic code analysis (black/grey/white box)
* Automate common testing processes to improve efficiency
* Collaborate with dev, security and infrastructure teams
We’re looking for:
* Strong penetration testing & secure code review experience
* Solid scripting/programming skills
* Knowledge of PTES, MITRE ATT&CK, OWASP ASVS
* Excellent reporting & stakeholder communication skills
We require experience in:
* Python, Bash, PowerShell, JavaScript, C/C++, Java, .NET
* Tools: Burp Suite, Nmap, Metasploit, Cobalt Strike, Kali, BloodHound, Ghidra, IDA
* Certifications: OSCP, CRT, CRTP, GPEN, HTB CTPS
A current AGSVA NV1 clearance is mandatory.