
Application Security Engineer – Federal DevSecOps
Posted May 6

• Strategically plan, schedule, and execute SAST and DAST scans utilizing Veracode for a variety of federal web applications.
• Perform hands-on application security evaluations using Burp Suite Enterprise, encompassing proxy capture, authentication testing, repeater analysis, and manual verification of results.
• Analyze scan outcomes to differentiate between true positives and false positives.
• Integrate and sustain security tools within CI/CD pipelines through GitHub Actions.
• Assist in complex authentication testing scenarios involving PIV cards, EntraID, and SSO configurations.
• Manage Contrast for IAST coverage across more than 150 applications.
• Relay findings, updates, and remediation recommendations to development teams and federal clients during daily stand-ups and technical meetings.
• Keep abreast of evolving threats and federal compliance standards.
• Over 6 years of experience in IT.
• More than 3 years of dedicated experience in SAST/DAST application security assessments.
• At least 2 years of programming experience in Python, Java, .NET, or C#.
• A minimum of 3 years in designing and implementing enterprise-wide security measures.
• High school diploma or GED is required; a Bachelor’s degree in Computer Science, Information Technology, Information Security, or a related field is preferred.
• Public Trust / Suitability – U.S. Citizenship is mandatory.
• Practical, operational experience in administering SAST and DAST programs.
• Familiarity with Contrast (IAST) for deployment or workflow management across a large application portfolio.
• Participation in HackerOne or bug bounty programs; published CVEs or CWEs are advantageous.
• Experience with Selenium; adeptness in scripting authentication flows for SSO or EntraID environments.
• Knowledge of OWASP ZAP or Burp Proxy as supplementary tools.
• Relevant certifications in application security: CSSLP, OSCP, GWAPT, or equivalent are preferred.
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Life Insurance
• Short Term & Long-Term Disability
• 401k Retirement Savings Plan with Company Match
• Paid Holidays
• Paid Time Off (PTO)
• Tuition and Professional Development Assistance

Gramian Consulting
