Web Developer Security Engineer

Position Overview: Nationwide IT Services (NIS) is seeking a Web Developer Security Engineer to support application security initiatives across web applications, APIs, and the software development lifecycle (SDLC). The selected candidate will be responsible for secure application design, vulnerability management, DevSecOps integration, security monitoring, WAF administration, File Integrity Monitoring (FIM), and Tier II security operations support., * Perform application security reviews and threat modeling.

• Conduct vulnerability assessments and oversee remediation efforts.
• Implement and maintain security controls within CI/CD pipelines.
• Configure and tune WAF and File Integrity Monitoring solutions.
• Analyze logs, investigate security events, and support incident response activities.
• Collaborate with development teams to ensure secure coding practices.
• Support compliance, audit, and security authorization requirements.

• Minimum 3 years of experience in Application Security and Secure Software Development Lifecycle (SSDLC).
• Strong knowledge of web application security principles and OWASP Top 10 vulnerabilities.
• Experience managing the full vulnerability lifecycle, including threat modeling, security assessments, remediation, and validation.
• Experience with secure application design, architecture reviews, data protection, and secure communications.
• Hands-on experience with Web Application Firewall (WAF) deployment, configuration, and tuning.
• Experience with File Integrity Monitoring (FIM), log analysis, Indicators of Compromise (IOC) detection, and threat intelligence automation.
• Experience supporting Tier II Security Operations.
• Experience implementing DevSecOps practices and automated security controls within CI/CD pipelines.

Technical Skills:

• .NET Technologies: C#, ASP.NET MVC, WCF
• Front-End: HTML5, CSS3, JavaScript, React, TypeScript
• APIs & Databases: REST APIs, SQL
• Programming/Scripting: Python, Node.js, Java
• AI-Assisted Development Tools (e.g., GitHub Copilot)
• Security Tools: SIEM, IDS/IPS, NDR, EDR
• Cloud & Container Security: AWS, Docker, Kubernetes

Compliance & Governance:

• Experience supporting environments governed by NIST SP 800-53, FISMA, and FedRAMP.
• Experience participating in audits, security assessments, and authorization activities.

Education:

• Bachelor's degree or higher in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field. *, * Experience securing federal government applications and systems.

• Experience integrating security controls into modern CI/CD pipelines.

• Strong understanding of cloud-native and containerized application security.

Working at NIS means being part of a company grounded in purpose, resilience, and a genuine commitment to people. Since its founding in 2006, NIS has focused not only on delivering exceptional services to our government customers, but also supporting our nation, taxpayers, and citizens-while consistently prioritizing the well-being and growth of its employees. Today, NIS continues to evolve by embracing remote work, enhancing wellness initiatives, and investing in modern technology, all while staying true to its mission.