- Requires one of the following certifications: CEH, Security+, or equivalent.
- Defines best practices, performs software security architecture, and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across various applications, programming languages and platforms.
- Supports development of technical security safeguards to protect information systems from intentional or accidental access/destruction
- Liaison between development teams and stakeholders to understand and formulate security requirements
- Defines, maintains, and enforces application security best practices.
- Conduct vulnerability assessment and manual/automated code reviews
- Demonstrate vulnerabilities to application owners and provide mitigation recommendations
- Experience with SAST, DAST, and OSA tools.
- Performs and conducts penetration tests and manual/automated code reviews
- Experience with any programming language like Java, .NET, C#, etc.
- Knowledge about Secure Coding best practices and OWASP top 10, SANS 25, CVE, etc.
- Identify AppSec related tools/conduct tool analysis, and provide recommendations
- Apply technical knowledge to analyze/develop, create, and implement process improvements, trouble shooting, and operational support
- Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.
- 5-10 years of experience as an Application Security Developer, Application Security Analyst, or equivalent.
- Expertise with application server technologies such as Spring Framework, Spring Security, Web Services, REST, and Hibernate.
- In-depth knowledge of and experience with security technologies, single-sign-on and identity management technologies.
- Expertise with web system security concepts, including authentication, authorization (RBAC), encryption/hashing, SAML, and LDAP.
- Knowledge of web application vulnerabilities such as cross-site scripting (XSS), sessions hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors.
- Hands-on experience with encryption, hashing, secure random number generation, key derivation, digital signatures, etc.
- Knowledge of network based, system level and application layer attacks and mitigation methods, and TCP/IP, HTTP/S, and related protocols.
- Experience with static code analysis tools including HP Fortify.
- Familiarity with JavaScript, NodeJS, or other scripting languages and BurpSuite or other intercepting proxy tools.
- Experience working with GIT source code management.
- Must have solid working experience and knowledge of Unix/Linux operating system.
- Experience with one or more of the following technologies: Vagrant, Chef, Rake, Gradle, Jenkins, and Cache DB is preferred.
- Understanding of Agile/Scrum methodologies is preferred.
- Experience with Axiomatics is a plus.
-
Security Engineer
2 weeks ago
NiyamIT Inc. Fairfax, United StatesJoin Our Team at Niyam IT: Embrace Diversity, Excel Together · Are you ready to be part of a dynamic, inclusive, and fearless team that values your well-being and individuality? At Niyam, we're not just a company; we're a close-knit community of experts and leaders dedicated to ...
-
Information Security Engineer
2 weeks ago
Charter Global Fairfax, United StatesJob Title: Information Security Engineer · Location: Fairfax, VA (Remote Need Only From DC, VA , MD , West VA) · Job Type: W2 · Duration: 3+ Months · Job ID: 41329 · Purpose: · We are interested in candidates with a strong development background and sizable exposure to Cybersecu ...
-
Application Security Engineer
3 weeks ago
Dunhill Professional Search Fairfax, United StatesApplication Security Engineer · *Full-Time Telework · *U.S. Citizenship · Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, performs software architecture and design ...
-
Senior Application Security Engineer
2 weeks ago
Charter Global Fairfax, United StatesJob Title: Senior Application Security Engineer · Location: Fairfax, VA (Remote Need Only From DC, VA , MD , West VA) · Job Type: W2 · Duration: 3+ Months · Job ID: 41329 · Purpose: · We are interested in candidates with a strong development background and sizable exposure to Cy ...
-
Security Engineer
3 weeks ago
NiyamIT Inc. Fairfax, United StatesJoin Our Team at Niyam IT: Embrace Diversity, Excel TogetherAre you ready to be part of a dynamic, inclusive, and fearless team that values your well-being and individuality? At Niyam, we're not just a company; we're a close-knit community of experts and leaders dedicated to prov ...
-
Cyber Security Systems Engineer
7 hours ago
CGI Group, Inc. Fairfax, United StatesCyber Security Systems Engineer Position Description The CGI Federal Offensive Security Group's Application Security Engineering team supports a wide variety of enterprise DevSecOps processes within CGI Federal's full portfolio of Agile Release Trains. We are seeking a profession ...
-
Principle System Security Engineer
5 days ago
Trispoke managed services Falls Church, United StatesJob Description · Job DescriptionJob Title: Principle System Security Engineer · Job Duration: 12 Month contract with potential extension. · Job Location: Falls Church, VA Note: US Citizen required for this position. · Job Description · Cybersecurity Engineering Design, prototype ...
-
Cyber Security Engineer II
1 day ago
Ohm Systems Falls Church, United StatesJob Description · Job DescriptionSummary: · We are seeking a Cyber Security Engineer II with a Public Trust clearance to join the Info Security Identity Access Portfolio team at USPS Gatehouse Center. The role involves supporting Authorization Management, developing security arch ...
-
Cyber Security Systems Engineer
1 day ago
CGI Group, Inc. Fairfax, United States Full timeCyber Security Systems Engineer · Position Description · The CGI Federal Offensive Security Group's Application Security Engineering team supports a wide variety of enterprise DevSecOps processes within CGI Federal's full portfolio of Agile Release Trains. We are seeking a prof ...
-
Cyber Security Project Engineer
1 week ago
Quevera LLC Fairfax, United StatesJob Description · Job DescriptionJob Description: · Quevera is seeking a Cyber Security Project Engineer to join an exciting, collaborative and innovative team. A place where you are positioned for More than Just a Job. Where leadership partners with you, seek to cultivate and su ...
-
Cloud Engineer with Security Clearance
3 weeks ago
Quevera Fairfax, United StatesQuevera is seeking a Cloud Engineer to join an exciting, collaborative and innovative team. A place where you are positioned for More than Just a Job. Where leadership partners with you, seek to cultivate and support career development, encouraging growth from within while strivi ...
-
Software Engineer with Security Clearance
3 weeks ago
The Andean Group Fairfax, United StatesWe are currently seeking a team member to join us in a fast-paced and dynamic environment focused on process improvement, incorporating the principles of biometric technology, data modeling, data mapping, data testing, data quality, and documentation preparation. Mandatory Skills ...
-
Remotework Fairfax, United StatesElasticsearch · Power insights and outcomes with the Elasticsearch Platform and AI. See into your data and find answers that matter with enterprise solutions designed to help you build, observe, and protect. Try Elas... · View company page · Elastic is an open source search co ...
-
Koniag Government Services Fairfax, United StatesYou will need to login · before you can apply for a job. · Cybersecurity Information Systems Security Engineer (isse) with · KDS Job ID Koniag Data Solutions, a Koniag Government Services company, is seeking a Cybersecurity Information Systems Security Engineer (ISSE) with a Se ...
-
ClearanceJobs Fairfax, United StatesWhy choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from mos ...
-
Tekfortune Inc Fairfax, United StatesTekfortune is a fast-growing consulting firm specialized in permanent, contract & project-based staffing services for worlds leading organizations in a broad range of industries. In this quickly changing economic landscape, virtual recruiting and remote work are critical for the ...
-
Senior Network Engineer with Security Clearance
2 weeks ago
MBA CSi Fairfax, United StatesThis position may, over time, accommodate a hybrid work schedule based on the following: First 3 months - 5 days on-site · Once 3 months is complete - 1 day Work From Home (WFH) · Once 6 months is complete - 2 days WFH · Once 9 months is complete - 3 days WFH · We are seeking a S ...
-
Network Security Engineer
2 weeks ago
Office of the Chief Financial Officer Fairfax, United StatesGovernment of the District of Columbia · Office of the Chief Financial Officer (OCFO) · Network Security Engineer (INFOSEC) · $103, $157,829.00 · This position is located in the Office of the Chief Financial Officer (OCFO), Office of the Chief Information Officer (OCIO). The ...
-
Corporate Security Engineer
1 week ago
Concept Plus Fairfax, United StatesYou will need to login · before you can apply for a job. · Corporate Security Engineer (CSE) with Security Clearance · Description Summary The Corporate Security Engineer (CSE) will work as part of the corporate security team to maintain and continuously mature CP's information ...
-
ClearanceJobs Fairfax, United StatesCompany Overview At ValidaTek, we modernize and optimize IT services to solve some of the most critical challenges facing federal civilian and defense agencies. From customers to partners to top-talent employees, ValidaTek puts people first, empowering them to exceed expectations ...
Application Security Engineer - Fairfax, United States - Dunhill Professional Search
![Dunhill Professional Search background](https://contents.bebee.com/companies/us/dunhill-professional-search/background-uLeah.png)
Description
Application Security Engineer
Applying for this role is straight forward Scroll down and click on Apply to be considered for this position.*Full-Time Telework
*U.S. Citizenship
Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, performs software architecture and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms.
Minimum Qualifications
Other Job Specific Skills
#cjpost