Senior Application Security Engineer

EPICSOFT CORPORATION
Reston, United States of America
7 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
$ 156K

Job location

Reston, United States of America

Tech stack

Kubernetes Security
Java
Amazon Web Services (AWS)
Azure
Cloud Computing Security
CompTIA Security+
Open Web Application Security
Systems Development Life Cycle
Secure Coding
Software Engineering
Software Vulnerability Management
Web Applications
Google Cloud Platform
Cloud Platform System
Software Security
Kubernetes
Devsecops
Jenkins
Static Application Security Testing
Dynamic Application Security Testing

Job description

We are seeking an experienced Application Security Engineer to lead application security initiatives across modern cloud-native environments. This is a technical leadership role that requires close collaboration with software engineering teams to integrate security throughout the Software Development Life Cycle (SDLC).

The ideal candidate will have strong expertise in DevSecOps, Cloud Security, AI Security, Kubernetes, vulnerability management, and application security testing.

Responsibilities

  • Lead application security initiatives across the SDLC.
  • Partner with development teams to implement secure coding practices.
  • Identify, assess, and remediate application and cloud security vulnerabilities.
  • Integrate security into CI/CD pipelines using Jenkins and DevSecOps practices.
  • Perform application security reviews and threat modeling.
  • Conduct security testing using SAST, DAST, IAST, and Software Composition Analysis (SCA).
  • Implement cloud-native security controls for Kubernetes and containerized applications.
  • Collaborate with engineering teams to improve application and infrastructure security.
  • Support secure deployment of applications in AWS cloud environments.

Requirements

  • 7+ years of experience in Application Security or DevSecOps.
  • Strong knowledge of the Software Development Life Cycle (SDLC).
  • Hands-on experience with DevSecOps and Vulnerability Management.
  • Experience securing cloud environments (AWS preferred).
  • Experience with Cloud Security and AI Security.
  • Working knowledge of Java application development.
  • Deep understanding of:
  • OWASP Top 10
  • API Security Top 10
  • Secure Coding Practices
  • Common Web Application Vulnerabilities

Experience with cloud security platforms such as:

  • Wiz
  • CrowdStrike
  • CNAPP
  • CSPM
  • CWPP
  • KSPM
  • Experience with Jenkins and CI/CD security.
  • Hands-on experience with:
  • SAST
  • DAST
  • IAST
  • SCA
  • Strong knowledge of:
  • Kubernetes
  • Amazon EKS
  • Container Security

Preferred Qualifications

AWS, Azure, GCP, or Application Security certifications.

CISSP, CSSLP, Security+, or similar security certifications.

Experience leading application security programs.

  • Excellent communication and stakeholder management skills.

Benefits & conditions

$75 an hour - Contract, Pulled from the full job description

  • 401(k)
  • Health insurance
  • Flexible schedule, * 401(k)
  • Flexible schedule
  • Health insurance

Apply for this position