Scalence L.L.C. · 22 hours ago
InfoSec Analyst IV
Reston , VA
Full-time
Hybrid
Senior Level
6+ years expScalence L.L.C. is a company focused on security solutions, and they are seeking an InfoSec Analyst IV. The role involves conducting comprehensive security assessments, performing application security testing, and communicating findings to stakeholders.
Information Technology & Services
Responsibilities
Conduct manual application security assessments using Secure Code Reviews and Application Penetration Testing to identify vulnerabilities across web, API, and backend components
Demonstrate strong knowledge of a wide range of application security issues, including common vulnerability classes, exploitation techniques, mitigation strategies, and industry-standard security controls (OWASP, secure frameworks, coding patterns)
Utilize tools such as Burp Suite, OWASP ZAP, and other proxy, fuzzing, and scanning utilities to perform effective penetration testing and validation
Perform manual code reviews in one or more programming languages to identify insecure coding practices and provide guidance aligned with secure coding best practices
Assess the severity and risk of identified vulnerabilities considering exploitability, impact, and business context; communicate findings clearly to technical and non-technical stakeholders
Produce structured assessment reports documenting: Technical testing approach and scope, Vulnerability details and evidence, Root cause and business impact, Practical, prioritized, and realistic remediation strategies
Experience in software development or familiarity with modern application architectures is a plus, enabling effective collaboration with engineering teams
Clearly and professionally communicate complex security concepts, both verbally and in writing, and collaborate effectively with developers, architects, and product teams
Qualification
Required
6+ years of work experience
Conduct manual application security assessments using Secure Code Reviews and Application Penetration Testing to identify vulnerabilities across web, API, and backend components
Demonstrate strong knowledge of a wide range of application security issues, including common vulnerability classes, exploitation techniques, mitigation strategies, and industry-standard security controls (OWASP, secure frameworks, coding patterns)
Utilize tools such as Burp Suite, OWASP ZAP, and other proxy, fuzzing, and scanning utilities to perform effective penetration testing and validation
Perform manual code reviews in one or more programming languages to identify insecure coding practices and provide guidance aligned with secure coding best practices
Assess the severity and risk of identified vulnerabilities considering exploitability, impact, and business context; communicate findings clearly to technical and non-technical stakeholders
Produce structured assessment reports documenting technical testing approach and scope, vulnerability details and evidence, root cause and business impact, practical, prioritized, and realistic remediation strategies
Clearly and professionally communicate complex security concepts, both verbally and in writing, and collaborate effectively with developers, architects, and product teams
Preferred
Experience in software development or familiarity with modern application architectures is a plus, enabling effective collaboration with engineering teams
Company
Scalence L.L.C.
In today’s dynamic and competitive market, success hinges on mastering three key areas: Data Intelligence, Business Resilience, and Digital Experience.
501-1000 employees
Funding
Current Stage
Late StageCompany data provided by crunchbase