Application Security Analyst
ECS Corporate Services

Clarksburg, West Virginia

Posted in Electronics


This job has expired.

Job Info


ECS is a federal contractor. As such, we are subject an Executive Order requiring all employees of federal contractors to be fully vaccinated for COVID-19 by December 8, 2021. Therefore, by applying for this position, you understand that you will be required to verify that you have been, or will be, fully vaccinated by December 8, or to verify that you cannot be vaccinated due to a legally recognized exception to the vaccine mandate set forth in the Executive Order.

Note: An individual is not considered to be fully vaccinated until two weeks after receiving the second vaccine dosage in a vaccine regimen involving two vaccines.

The above does not apply to personnel applying to United States Postal Service positions, however, as an ECS employee you will be required to complete the ECS COVID-19 survey to be compliant with Executive Order 14024.

ECS is seeking an Application Security Analyst to work in our Clarksburg, West Virginia / Remote office.

Job Description:
The Vulnerability Assessment Lab (VAL) provides software engineering and analysis services to determine the presence of vulnerabilities in software products prior to their introduction to the FBI's operational network.

The VAL will be responsible for:

  • Supporting the SAA process of CJIS information systems through secure coding evaluation, to verify and validate conformance to Federal and FBI policies, regulations, FISMA compliance and standards, and meet specified security requirements;
  • Assisting the ISSOs in evaluations of delivered software;
  • Conducting static analysis on source code developed in common programming and scripting languages, including, but not limited to, C, C++, Java, C#, Groovy, Python, Perl, Pup, JavaScript, Ruby, Bash, Powershell, and Objective C, and identifying the presence of any vulnerabilities or potentially malicious logic;
  • Conducting dynamic, manual, and automated binary reverse engineering analysis on developed applications identifying the presence of any vulnerabilities or potentially malicious logic;
  • Supporting full stack security analysis of developed and deployed applications, including implemented OS, platform, application, and interface and operations and maintenance (O&M) components;
  • Providing technical guidance on common software vulnerabilities and methods for avoiding them in application development;
  • Creating frameworks, internal tooling, scripts, and application extensions to support efficient and effective software security analysis processes;
  • Providing technical guidance on secure software development methodologies, techniques, and best practices;
  • Providing technical guidance on typical indications of malicious logic and intent for both source code and compiled binary files;
  • Reviewing and evaluating information technology project software design, architecture, and implementation decisions. Providing feedback on areas of potential security weakness and recommendations on improvements to resolve areas of concern
Required Skills:
  • Associates Degree
  • Top-Secret Clearance
  • Previous System Administration, Developer, and Web services experience in an Enterprise Environment utilizing cross platform technologies;
  • Knowledge of networking and virtualization technology, such as OpenStack, RHEV, etc.
  • Experience in information system compliance with government standards and industry best practices (e.g. NIST, OWASP, Common Criteria, DISA and SANS Institute)
  • Documented experience in Python, Perl, and JAVA.
  • Documented experience is preferred in as many of the following programming languages, web services, and applicable software stacks as possible: REST, PowerShell, SOAP, Apache Struts, Websockets, Java Message Queue, RPC over HTTP, WIA (Windows, IIS, ASP.NET), C, C++, C#, Node.js, JavaScript, Pega, Groovy, LAMP (Linux, Apache, MySQL, PHP), AMP (Apache, MySQL, PHP), JOLT (Java, Oracle, Linux, Tomcat), and LAMJ (Linux, Apache, MySQL, JSP Servlets).
Desired Skills:
  • Certified Application Security Specialist (CASS) Preferred
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.


This job has expired.

More Electronics jobs


Faith Technologies
Clarksville, Tennessee
Posted about 3 hours ago

Faith Technologies
Smyrna, Georgia
Posted about 3 hours ago

Faith Technologies
Nashville, Tennessee
Posted about 3 hours ago

Get Hired Faster

Subscribe to job alerts and upload your resume!

*By registering with our site, you agree to our
Terms and Privacy Policy.