Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Application Security Engineer

$140k - $160k

Edgewater Federal Solutions

Overview

Edgewater is currently seeking an Application Security Engineer who will be a hands-on subject matter expert in Microsoft Azure cloud technologies, application security, security architectures, security tools, and methodologies. The Application Security Engineer will support our federal customer in Washington DC. This is a hands-on technical role that will provide the right candidate with an exciting opportunity to develop the federal customer's application security program, working with developers and the organization to meet the strategic security goals of the agency.


This is a remote position but requires the candidate to work at the federal site in Washington DC at least one day a month so candidates local to the Washington, DC area strongly preferred.

Due to the contract and nature of the work, US Citizenship is required to obtain a Department of Energy security clearance.

Responsibilities

    • Drive the strategic maturation of the agency's Application Security (AppSec) program by defining security standards, scaling automation, and embedding secure development practices across all product lifecycles.
    • Perform SAST assessments using Veracode and GitHub Advanced Security, identifying code-level vulnerabilities and providing remediation guidance.
    • Conduct and analyze DAST scans, including configuration, execution, and triage of results.
    • Evaluate and prioritize vulnerabilities using industry frameworks such as CVSS, CWE, OWASP Top 10, WASC, and SANS Top 25.
    • Collaborate with development, DevOps, and security teams to integrate security controls into CI/CD pipelines and the broader SDLC.
    • Provide expert advice on secure coding principles and assist developers in resolving security findings.
    • Troubleshoot application and connectivity issues in Linux-based environments.
    • Contributes to the design and implementation of enterprise-wide application security controls.
    • Ensure alignment with federal security and compliance standards, including NIST 800-53, FIPS, and FedRAMP.
    • Maintain awareness of emerging threats, vulnerabilities, and best practices in application security.
Qualifications
      • Experience supporting SAST/DAST environments using Veracode.
      • Experience with SCA tools and vulnerability remediation
      • Experience leveraging CI/CD deployment methodologies and infrastructure as code (IaC)
      • Experience writing playbooks and scripts for automation tools including Terraform, Ansible for IaC
      • Demonstrate proficiency with a scripting or coding language, preferably Python.
      • Proficiency in automation and scripting, such as PowerShell, Python, Bash, and Terraform.
      • Ability to discuss Information Security concepts such as defense in depth and zero trust.
      • Demonstrate ability to communicate ideas both verbally and in writing to management, business and IT stakeholders, and technical resources in language that is appropriate for each group.
      • Ability to work collaboratively with developers across multiple departments
      • Ability to work effectively in a fast-paced, project-oriented environment
      • Ability to analyze and prioritize vulnerabilities based on risk
      • Strong technical acumen, communication, and influence skills
      • Working knowledge of system hardening (CIS, STIGs regulatory compliance)
      • Experience working with and supporting Unix/Linux and Windows systems.
      • Experience with SCA tools and vulnerability remediation in containers
      • Container orchestration and container security experience
      • 3+ years in application security supporting SAST, DAST, and SCA environments
      • 3+ years of experience designing and implementing application security controls
      • 3+ years of experience working in Linux-based environments, including troubleshooting application and connectivity issues.
      • Knowledge of federal security and compliance standards (NIST 800-53, FIPS, FedRAMP).
    • Preferred Qualifications:
      • Experience in securing Azure cloud infrastructure (i.e., inspection, logging, WAF, VM)
      • Experience with Azure DevOps
      • Practical implementation and architectural experience in encryption techniques, including data at rest and in transit
      • Prior experience as a software developer is highly preferred
      Requirements
      • Bachelor's degree in computer science or related fields
      • Minimum of 8 years of experience in Information Security or related fields
      • CISSP or equivalent (CompTIA Security+, CEH, or DoD equivalent)
      Preferred Certifications:
      • ISC2 Certified Information Systems Security Professional (CISSP)
      • ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
      • GIAC Web Application Penetration Tester (GWAPT)
      • Microsoft Azure Security Engineer (AZ-500)
      • HashiCorp Terraform Associate (Infrastructure as Code)

Salary: $140,000 - $160,000

About Us:

Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2025.

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other statuses protected by applicable law.status protected by applicable law.
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Application Security Engineer in Washington DC vacancy
  •  ...VA Contract What You'll Do: Collaborate with a team of engineers to implement *** specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications. Work with Development, DevOps and Security teams to... 
    Suggested
    Contract work
    Work experience placement

    US Tech Solutions

    Arlington, VA
    4 days ago
  •  ...Application Security Engineer Braintrust is the AI observability platform. By connecting evals and observability in one workflow, Braintrust gives builders the visibility to understand how AI behaves in production and the tools to improve it. Teams at Notion, Stripe... 
    Suggested
    Flexible hours

    Brain Trust Inc

    Washington DC
    5 days ago
  •  ...Job Title Must Have:- • Seeking candidates with solid expertise in manual web application penetration testing and manual secure code review. • Expertise in performing manual test case scenarios is a must. • Identification of vulnerabilities in source codes manually... 
    Suggested

    Yochana

    Washington DC
    2 days ago
  •  ...Senior Application Security Engineer Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed... 
    Suggested
    Worldwide
    Flexible hours

    Barracuda Networks

    Washington DC
    2 days ago
  •  ...Application Security Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across the disciplines of program/project management, applications development, infrastructure, Cyber security, and enterprise... 
    Suggested

    Comtech LLC

    Washington DC
    1 day ago
  •  ...Razor is looking for an Application Security Engineer to support the Defense Client Data Center (DMDC) Cyber PRIMES program by integrating security throughout the software development lifecycle and protecting enterprise applications supporting critical Department of... 
    Remote work
    Flexible hours

    Razor Talent

    Alexandria, VA
    5 days ago
  • Senior Application Security Engineer (WAF) 3956 Get AI-powered advice on this job and more exclusive features. Direct message the job poster from Tier4 Group About the Role Job Title: Sr. Application Security Engineer Location: Greater DC Area (2 days per week onsite hybrid... 
    Permanent employment
    Full time
    2 days per week

    Tier4 Group

    Washington DC
    2 days ago
  • $150k - $173k

    The Nuclear Company is seeking an experienced Application Security Engineer to help secure vital software and data systems. You will work closely with product and platform engineering teams to embed security into all stages of software development. This role is suited for... 

    The Nuclear Company

    Washington DC
    2 days ago
  • Responsible for leading application security engineering efforts, designing scalable security architectures, performing advanced risk assessments, integrating security across the SDLC, driving AI‑related security controls, evaluating vendor solutions, scaling automation... 

    Bloomberg Industry Group

    Arlington, VA
    2 days ago
  •  ...your expertise and challenge your skills in this exciting IT Security Engineering opportunity! We are seeking an experienced IT Security...  ...Department. In this role, you will provide IT security support for applications and software systems in all platforms as well as providing... 
    Work experience placement

    Eliassen Group

    Washington DC
    2 days ago
  • $166k - $200k

     ...military in months, not years. About The Team The Technical Security (TechSec) team within Anduril’s Corporate Security Program...  ...global landscape. About The Job The Senior Technical Security Application Engineer, Secured Spaces, is the technical authority for the design,... 
    Full time
    Contract work

    Anduril Industries

    Washington DC
    2 days ago
  • $150k - $173k

     ...nuclear industry toward rapid development in America and globally. About the role The Nuclear Company is searching for an Application Security Engineer to help secure the software, data systems, and developer workflows that power our Nuclear Operating System, internal... 
    Bi-weekly pay
    Work at office

    The Nuclear Company

    Washington DC
    2 days ago
  • Eliassen Group is seeking an experienced IT Security Engineer in Washington DC to provide security support for applications across various platforms. The role involves defining security frameworks, conducting penetration tests, and ensuring compliance with security standards... 

    Eliassen Group

    Washington DC
    2 days ago
  •  ...20. Since then, we have issued innovative bitcoin-backed securities and have been the leader in bitcoin treasury companies. This...  ...and redefine financial investment. Job Description Application Security Engineer Strategy (Nasdaq: MSTR) * Tysons Corner, VA * Full-... 
    Full time
    Shift work

    MicroStrategy

    Falls Church, VA
    4 days ago
  •  ...Job Description Veilant is looking for an Application Security Engineer to join our InfoSec team and help validate, secure, and continuously improve software developed by internal and partner engineering teams. This role is ideal for someone who combines a software engineering... 
    Work at office
    Flexible hours

    Ridgeline International, LLC

    Falls Church, VA
    18 hours ago
  •  ...Location- Hybrid in Memphis, TN, Addison, TX, or McLean, VA. Rate- $80-90/hr . ON W2 As Senior Lead Engineer for Application Security Architecture team, you will work closely with application team to help implement security solutions that are tailored... 
    Work experience placement

    3B Staffing LLC

    McLean, VA
    1 day ago
  •  ...implementing software solutions, troubleshooting production issues, and automating deployment processes using a range of modern tools. Applicants should have a strong knowledge of Python, Linux, and containerization technologies. We offer competitive salaries and benefits,... 

    bcmcllc

    Washington DC
    2 days ago
  • $115k - $150k

     ...safer. As a global leader in innovative security technology, we help businesses and law...  ...innovation, trust, and collaboration. From engineering to sales and support, every role...  ...something that matters. The Lead Security Application Engineer also internally known as our Lead... 
    Full time
    Worldwide
    Flexible hours

    3Si Security Systems

    Alexandria, VA
    1 day ago
  • Integral Federal, Inc. is seeking an AI-Advanced Technician to provide AI application and infrastructure support for the Defense Nuclear Facilities Safety Board (DNFSB) network. Responsibilities include designing and developing AI applications and implementing machine learning... 

    Integral Federal, Inc.

    Mc Lean, VA
    3 days ago
  • $105k - $130k

     ...of government and nonprofit organizations and individuals. Applications Engineer The Applications Engineer is a highly skilled technical position...  ...project work with minimal supervision, ensuring stable, secure, and scalable application solutions aligned with business needs... 
    Temporary work
    Work at office
    Remote work

    Katten

    Washington DC
    17 hours ago
  • $81k - $130k

     ...to learn more about Wagstaff? Join us for a virtual tour! Job Summary Primary duties consist of the application of electrical and/or mechanical engineering knowledge to the unique set of circumstances at each customer location, including but not limited to... 
    Contract work
    Work at office
    Local area
    Monday to Friday
    Shift work

    Wagstaff Inc

    Washington DC
    5 hours ago
  • $87k - $98k

    Jr. Applications Engineer (Analytics Solutions Focus) Camp Springs, MD Who is Blueprint? We are a technology solutions firm headquartered in Bellevue, Washington, with a strong presence across the United States. Unified by a shared passion for solving complicated problems... 
    Permanent employment
    Flexible hours
    2 days per week
    1 day per week

    Blueprint-Technologies

    Arlington, VA
    2 days ago
  • Ansys, Inc. is looking for a skilled engineering professional to join their Customer Excellence team. In this role, you will leverage your expertise with Ansys products to provide technical pre-sales support and help solve customers' engineering problems. You will work... 

    ANSYS

    Greenbelt, MD
    3 days ago
  • $62.9k - $153.3k

    Position Description CGI Federal is looking for a Forward Deployed Application Engineer to deliver client‑facing applications, integrations, and automation that streamline operations and improve business processes. This role is software development-focused and requires... 
    Local area

    CGI Technologies and Solutions, Inc.

    Arlington, VA
    2 days ago
  • $140k - $170k

    Manatt, Phelps & Phillips, LLP is seeking an experienced Intapp Applications Engineer to serve as the firm's primary technical owner for its risk...  ...staff on supported applications. Collaborate with IT Security on data governance, access control, and compliance requirements... 
    Permanent employment
    Work at office
    Local area

    Manatt, Phelps & Phillips, LLP

    Washington DC
    2 days ago
  •  ...You Are: You’re an aerospace systems engineer who’s energized by solving complex, mission...  ...compliance with U.S. government security and/or access requirements. As a result...  ...and integration code to support customer applications. Work onsite 3 days a week with customers... 
    3 days per week

    Synopsys Inc

    Washington DC
    2 days ago
  •  ...Responsibilities Lead the end-to-end design and delivery of scalable, secure, intelligent systems across the enterprise stack Develop,...  ...platforms the business runs on Partner across business and engineering teams to find high-leverage automation, integration, and... 
    Shift work

    Code Red Partners

    Washington DC
    2 days ago
  • Integrity Technology Consultants seeks a top-tier Expert-Level Application Engineer with TS/SCI clearance and polygraph, to design and manage...  ...clusters. You will collaborate with DevOps teams, implement security hardening, and drive continuous improvement on multiple hosting... 

    Integrity Technology Consultants

    Laurel, MD
    2 days ago
  • $86.6k - $181.8k

    CACI International Inc is seeking an Application Engineer-TS/SCI with Poly for their Maryland team. This role involves connecting client expectations with engineering expertise to design, customize, and test software solutions. Your primary responsibilities include providing... 

    CACI International Inc

    Laurel, MD
    2 days ago
  •  ...implementing, integrating, and optimizing legal-specific enterprise applications for attorneys and staff. Key Responsibilities Analyze, design,...  ..., configure, customize, troubleshoot in zero-trust/hybrid security environments. Resolve application issues; collaborate with... 
    Contract work
    Work at office

    Gotham Technology Group

    Washington DC
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!