Overview

Sr. Application Security Engineer | Hybrid | Washington, D.C. | Active TS/SCI Required


Competitive Salary + Annual Bonus + Sign-on Bonus + Benefits

Our client is looking for a Sr. Application Security Engineer who is passionate about what they do. If you want to join a company that values mission-critical work at the highest levels of the Government and are open to commuting to Washington, DC, we want to speak with you! Come be a game changer and join our team!


Our ideal candidate has experience:

  • Establishing and maintaining a high level of client trust and confidence
  • Supporting static code scanning tools on government code bases, which include multiple programming languages and frameworks (Micro Focus Fortify Static Code Scanning, Software Security Center, GitLab SAST, and IBM/HCL AppScan Source)
  • Providing application security and penetration testing with distributable reports for review
  • Assisting the government in remediation of security vulnerabilities on code bases and application infrastructure
  • Assisting the government by configuring and maintaining the code scanning and security toolsets

Job Requirements:

  • 1-3 years of direct experience with Application Security
  • Knowledge of best practices and IT operations in zero downtime environments
  • 3 years of relevant security analyst experience, at least 3 of which are working in software development
  • Knowledge of and experience with DISA STIGs
  • A BA/BS degree and/or education/certifications commensurate with experience
  • The ability to obtain a DoD Instruction 8570 Level II Certification (Security+) within 6 months of start
  • An active TS/SCI security clearance

Pluses:

  • Knowledge of programming languages such as:
    • C and C++, Java, JavaScript, XML, SQL, .NET, and C#
  • Experience with CI/CD tools such as Jenkins, TeamCity, Octopus
  • Experience with Docker and orchestration suites such as Kubernetes, AKS/EKS/GKE
  • Experience with version control solutions such as Git, GitHub, TFS, BitBucket, or similar
  • Experience with Agile/Scrum development methodology and related toolsets such as Atlassian suite
  • The ability to communicate effectively (both verbally and in writing) with immediate team, upper-level management, and various development teams
  • Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) experience
  • DevSecOps experience
  • Current CISSP and CSSLP certifications