Position Description

AppSec Analyst/Engineer
Location Remote
Req # 12570
# of openings 1
Apply Now

ECS is seeking an AppSec Analyst/Engineer to work Remote.


Job Description:

  • Adhere to, track, measure and evaluate compliance across the enterprise for Application Security
  • AppSec Analyst
    • Perform all Application Security Analyst functions, within the Fortify SSC, Sonatype, Burp and Web Inspect security suite of tools
    • Conduct scans for
    • DHRA and DMDC applications
    • Evaluate compliance, non-compliance, N/As and false positives and priority recommendations for development teams.
    • Coordinate with the application owners, and other designated POCs or AppSec compliance analysis and feedback
    • Conduct cybersecurity vendor tool analysis and provide security assessment of vendors
    • Perform data analysis and interpret results
    • Collect data from across the enterprise and generate value added metrics and reports
    • Collaborate with leadership and government personnel to develop metrics based on enterprise situational awareness
    • Maximize the use of existing tools to correlate information and synthesize data into usable and actionable events.
    • Process all AppSec ServiceNow Tickets within the defined SLA
    • Maintain AppSec SharePoint sites process flows and data for accuracy and reporting
    • Generate, track and coordinate POA&MS
    • Perform analysis and tracking of POA&Ms’ Not Applicable Status Engineering
    • Support the technical implementation of existing and future cybersecurity tools
    • Support client’s cybersecurity architecture by providing active and engaged solutions to IT teams relative to security design and review processes. Ensure the effective operations of existing and future Cybersecurity IT
    • Conduct effective engineering, requirements development and documentation, enterprise architecture documentation (SPARXs)
    • Develop cybersecurity capability requirements
    • Enhance the security posture, resilience, reliability of the customer’s cybersecurity IT infrastructure and processes across on-premises and multiple cloud environments
    • Develop and maintain network diagrams, topology diagrams, and other process flow diagrams
  • Work independently, as well as part of the Cybersecurity Team
  • Create and maintain SOPs, TTPs, knowledge articles and daily checklists
  • Prepare and present weekly presentation status slide


Required Skills:

  • Must be a US citizen, possess a DoD Top Secret clearance:  Minimum vetting Tier 5 (T5)-Single Scope Background Investigation (SSBI)
  • One of the following certifications for Active DoD 8570 IAT Level 3, IASAE Level 2, or IASAI 3 for compliance, including at least one of the following certifications in good standing: CISSP (or Associate), CASP+ CE, CISSP-ISSAP, CISSP-ISSEP, CCNP Security
  • Experience with one or more programming languages such as Java, .net, C++
  • Bachelor’s degree and 7+ years of Information Technology or Cybersecurity related experience
  • Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
  • Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
  • Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
  • Knowledge of DoD cybersecurity policies, practices, and requirements


Desired Skills:

  • Prior DMDC experience
  • Project Management experience
  • Prior Fortify experience
  • Prior Engineering/Administration experience
  • Experience in an enterprise environment (1500 servers plus 2500 workstations)
  • Knowledge of DoD requirements including DISA STIGs and USCYBERCOM issuances
  • Strong troubleshooting skills


ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.


ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

Back Apply Now


The ECS Career Center is accessible to any and all users. If you would like to contact us regarding the accessibility of this portal or you need assistance completing the application process, please contact Karleigh Chavez, Recruiting Support Analyst, at 571-620-7408 or karleigh.chavez@ecstech.com. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.