Web Developer Security Engineer
CMT
ABOUT US:
CMT Services Inc. is a dynamic and small business supporting Federal, State, and Local government agencies. As an SBA-certified HUBZone, Woman Owned Small Business (WOSB), we deliver quality, professional services to support the missions and strategic business goals of our clients. Position Title: Web Developer Security Engineer Location: US Congressional Budget Office Ford House Office Building, 4th floor 2nd St SW, 441 D St SW Washington, DC 20024 Period of Performance: 08/15/2026 - 08/14/2031 Place of Performance: Remote work; however, at CBO's discretion employees may be required to work on-site at CBO facilitiesPosition Summary:
Protects CBO's mission-critical web applications, APIs, and sensitive data by embedding strong security throughout the software development lifecycle - making security a proactive, built-in part of design and delivery. Key Responsibilities:
- Identify, analyze, and neutralize critical vulnerabilities, logic flaws, insecure dependencies, and misconfigurations.
- Drive the end-to-end vulnerability lifecycle - proactive threat modeling, advanced security assessments, and remediation validation.
- Support integration of security controls into application architectures, APIs, and services; advise on secure design patterns, data protection, and secure communication protocols.
- Obtain, review, and analyze web server and application logs to detect anomalies and indicators of compromise.
- Implement automation scripts for threat-intelligence integration; support end-to-end response to web application security events.
- Maintain documentation of findings, remediation steps, and security controls.
- Ensure web applications and cloud infrastructure comply with NIST SP 800-53, FISMA, and FedRAMP (as applicable); participate in audits, risk assessments, and authorization.
- Extensive hands-on secure software development, DevSecOps automation, and vulnerability remediation.
- Proficiency in log analysis, file integrity monitoring (FIM), and managing web application firewalls (WAF).
- Minimum 3 years in Web Application Security, AppSec, or secure SDLC (SSDLC).
- Development with modern web technologies and frameworks including .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, and SQL.
- Ability to leverage AI-assisted development tools (e.g., GitHub Copilot, OpenAI API/Codex) and scripting (Python, JavaScript/Node.js, Java, React.js, TypeScript) to automate security monitoring and compliance audits.
- Strong understanding of OWASP Top 10, secure coding standards, and mitigation of common web vulnerabilities.
- Deploying, tuning, and maintaining WAF solutions tailored to custom applications and traffic patterns.
- Configuring/managing File Integrity Monitoring (FIM) for web content directories.
- Familiarity with security testing tools - Wireshark, SIEM, IDS/IPS, NDR, or EDR.
- Evaluating/recommending/implementing security controls for mobile device and mobile-web interfaces.
- Performing complex risk assessments, analyzing cyber threats, and providing remediation guidance for core systems and dependencies.
- Implementing DevSecOps principles - integrating security controls throughout the CI/CD pipeline.
- Developing security metrics, managing compliance reporting, and auditing systems against baselines.
- Effective cross-team collaboration and independent work; providing Tier II support for security operations.
- Bachelor's degree (or higher) in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field.
- Specialized AppSec: CSSLP (Certified Secure Software Lifecycle Professional); GWEB (GIAC Certified Web Application Defender); CASE (EC-Council Certified Application Security Engineer).
- Offensive Security: OSWE (OffSec Web Expert); OSCP (Offensive Security Certified Professional).
- Foundational Security: Security+; GSEC.
By submitting your resume for this job posting, you authorize CMT Services, Inc. to forward your resume to all applicable internal and external managers, agencies, and recruitment personnel for review and consideration to hire.
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Web Developer Security Engineer in Washington DC vacancy
- We are seeking a Web Developer / Application Security (AppSec) Engineer with expertise in secure software development and application security. The ideal candidate will have experience implementing Secure SDLC (SSDLC), DevSecOps automation, vulnerability remediation, and...SuggestedLocal area
- ...support the federal government’s most critical national security and defense priorities, helping protect the nation, strengthen... ...is where your next mission begins. Ardent is seeking a Web Developer Security Engineer to join our team. This position is based in Washington,...SuggestedLocal areaRemote workFlexible hours
- Ardent Management Consulting, Inc in Washington, DC is seeking a Web Developer Security Engineer to enhance the security of mission-critical web applications and cloud environments. This role entails integrating security throughout the software development lifecycle, remediating...Suggested
$110k - $135k
...POSITION OVERVIEW Reporting to the Program Manager, the Web Developer Embeds security across the SDLC for mission-critical web apps, APIs, and... ...analysis, FIM, WAF management ~3+ Web AppSec / AppSec Engineering / SSDLC ~ Modern web tech incl. .NET (C# MVC, WCF), HTML...Suggested$115k - $190k
...Job Description Job Description Web Developer Security Engineer Clearance Requirement: Public Trust (Tier 2) Location: Remote/Hybrid (as approved by customer) Position Overview: Nationwide IT Services (NIS) is seeking a Web Developer Security Engineer to support...SuggestedRemote work- Job Overview Front End Developer - Senior Hybrid (first 60 days on-... ...maintenance of modern, user‑focused web applications that support... ...with UX designers, backend engineers, and product teams to... ...important role in delivering secure, scalable, and reliable front...
- A government services contractor is seeking a Full Stack Web Developer to support enterprise-wide data initiatives. The role entails software application development, testing strategy development, and team collaboration to create integrated solutions. Candidates should...For contractors
- Accenture Federal Services is seeking a seasoned Full Stack Developer to design and deliver end‑to‑end applications—from database to API... ...authentication. Expect AWS, Terraform, GitLab, and DevSecOps practices in a secure, multi‑partition environment. #J-18808-Ljbffr Accenture...
- A government service provider based in Virginia is seeking a Full Stack Web Developer to enhance software applications within various teams. The ideal candidate will have 11 years of experience and a Bachelor's degree in a related field, showcasing expertise in JavaScript...Flexible hours
$120k - $155k
Syntelligent Analytic Solutions, LLC is hiring a Full Stack Developer to support Federal Government initiatives. The role includes collaborating in a product team to develop backend and frontend solutions, ensuring high code quality, and automating processes. Required skills...$98.5k - $184.9k
A leading technology consulting firm is looking for a skilled UI/UX Engineer/Designer to enhance user interfaces for web applications. The ideal candidate will conduct user research and develop intuitive designs that meet accessibility standards. Responsibilities include...- Web Application Developer - Mid Hybrid (first 60 days on-site then transitions to hybrid) Clearance: Top Secret (will be processed for SCI and... ...development standards, governance practices, and security guidelines. Communicate project status, risks, and technical...
$62 - $73 per hour
Full Stack Java Developer (Senior) Rate: $62-73/hr (Can potentially flex for more senior level candidates) Location: Hybrid / On-Site Clearance... ...Agile environment. This role will be responsible for building secure backend services, modern user interfaces, database solutions,...Flexible hours- ...in Bethesda, MD, seeks a Sr. Full Stack Developer to design, build, and maintain systems... ...a DevOps environment. You will work on security-focused software, cloud environments, and... .... Candidates should have 8+ years in engineering with Java/Angular/Spring, experience with...
$174k - $253k
Senior Security Engineer, AI/ML, National Security, Public Sector Job Level Mid Location and Working Conditions Washington D.C., DC, USA;... ...maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively...Temporary workWork at officeLocal areaRemote workWorldwide- Washington DC We are seeking an experienced Endpoint Engineering & Security Engineer with 8+ years of IT, endpoint engineering, or cybersecurity experience . The ideal candidate will have hands‑on expertise in Windows and macOS workstation imaging, Microsoft Intune, Windows...Local area
$40 per hour
A cybersecurity firm is seeking experienced cybersecurity professionals to evaluate AI-generated security content, solve technical problems, and provide feedback to improve AI systems. This is a flexible remote position, allowing you to work on chosen projects within a...Remote jobHourly payFlexible hours- M.C. Dean, Inc. is looking for a Security Systems Engineer 3 in Washington, DC. You will be integral in designing and maintaining electronic security systems for various clients. The role demands collaboration with multidisciplinary teams and requires an active SECRET Clearance...
- ...Support. This position entails employing software development techniques to solve complex analytical challenges critical to national security. Successful candidates will have strong development skills in various programming languages and tools, facilitating the automation...Full time
- Okta is seeking a Staff Product Security Engineer in Washington to enhance security across AI-driven platforms. You will conduct offensive research and perform security assessments on innovative systems. The ideal candidate has at least 7 years of experience in information...
$166k - $253k
...vision, sensor fusion, and networking technology to the military in months, not years. About The Job We’re seeking a Security Software Engineer to develop novel security tooling for securing embedded Linux systems and Android devices. The ideal candidate can develop,...Relocation package$130k - $175k
A pioneering aerospace company in Washington, D.C. seeks a Security Software Engineer responsible for developing security features and building security infrastructure for national security efforts. The ideal candidate has a Bachelor's degree in a STEM field or equivalent...$174k - $239k
Secure Every Identity, from AI to Human Identity is the key to unlocking the potential... ...talk. We are looking for a Staff Software Engineer that will join the Auth0 Security... ...provide maximum protection with minimum developer friction. Identity & Access Management...Permanent employmentLocal areaWorldwideFlexible hours- Role, Inc. is seeking a Security Engineer III to lead security audits of Amazon's systems, identify security risks, and develop robust security frameworks. This position requires extensive experience in vulnerability assessment, penetration testing, and communication of...
- BOAB Ventures is seeking a Software Engineer to develop and maintain full stack software applications... ..., Go, or similar). Experience with web frameworks, relational and/or non‑relational... ...best practices, design patterns, and secure coding principles. Experience with...
- The Software Engineering Institute of Carnegie Mellon University in Arlington is seeking a Senior AI Security Software Engineer. This role involves developing machine learning-based solutions to enhance AI security for critical infrastructure. Candidates must have significant...Flexible hours
$180k - $220k
STR is seeking a Lead Software Engineer / Back-End Developer located in Arlington, VA. The successful candidate will implement software solutions... ...components. Candidates must hold an active Top Secret security clearance and have extensive experience in software engineering...- Expression is looking for a Full Stack Developer to enhance our team in Washington, DC. This role requires proficiency in both front-end and back-end development, offering the chance to work on innovative applications. The ideal candidate should possess strong technical...
- Accenture Federal Services is looking for a Security Engineering Lead in Arlington, VA. This role involves managing the engineering and sustenance of the security infrastructure for CBP SOC. You will lead a team responsible for the full lifecycle management of security...
- Okta is seeking a Staff Product Security Engineer based in Washington, DC. The role involves conducting comprehensive security reviews, guiding engineering teams, and managing retention strategies for vulnerabilities. Candidates should have expertise in authentication protocols...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Web Developer Security Engineer. Be the first to apply!
Related searches
- amazon web services engineer Washington DC
- remote junior web developer Washington DC
- content developer Washington DC
- remote entry level web developer Washington DC
- senior web developer Washington DC
- ecommerce web developer Washington DC
- angular web developer Washington DC
- web developer internship remote Washington DC
- remote contract web developer Washington DC
- entry level junior web developer Washington DC
