Application Security Engineer

Position Summary:

The Application Security Engineer position supports secure application development and cybersecurity operations for Federal DoD programs. The role requires a deep expertise in application security, software development, federal cybersecurity standards, and secure architecture. Will be responsible for senior-level leadership in information security, secure SDLC integration, and compliance with federal security frameworks such as NIST 800‑53, NIST 800‑37 RMF, FedRAMP, and agency-specific security baselines.

Primary Responsibilities:

· Serve as the primary application security SME for the project, ensuring compliance with NIST, FISMA, FedRAMP, DHS, DoD, and agency-specific security requirements.

· Guide system teams through Risk Management Framework (RMF) steps related to application security, including control implementation, evidence gathering, and POA&M mitigation.

· Lead security architecture reviews for mission-critical systems, ensuring secure-by-design principles across federal systems and networks.

· Integrate security into the federal SDLC by defining secure coding standards, conducting code reviews, and providing architectural input.

· Conduct and lead advanced security testing.

· Provide CISSP-level expertise on risk evaluation, compensating controls, and secure architecture guidance.

· Guide enterprise risk posture by advising leadership on vulnerabilities, mitigations, and long-term remediation planning.

· Ensure secure configurations of cloud resources within AWS GovCloud FedRAMP environments.

· All other duties as assigned by management.

Skills and Qualifications:

· Bachelor’s degree in computer science or related field

· 10 years in application development and IT security

· Experience performing risk assessments for Federal systems in AWS GovCloud

· Experience supporting FedRAMP High/Moderate systems

· Knowledge in Java, Python, HTML, SQL, CSS and cloud computing

· Excellent communication and management skills.

Certifications Required:

· Certified Secure Software Lifecycle Professional (CSSLP)

· Certified Information Systems Security Professional (CISSP)

· CompTIA Security +

Certifications Preferred:

· Certified Ethical Hacker (CEH)

Security Clearance Requirements:

· Must be a U.S. Citizen

· Must have an active DoD Secret clearance.

Work Location:

· 3 days in Fairfax, VA, 2 days in Washington, D.C.

Pay: From $50,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Health insurance
• Paid time off
• Parental leave
• Retirement plan
• Tuition reimbursement
• Vision insurance

Work Location: In person