Application Security Engineer
Veilant
Company Description We were early to the fight against Ubiquitous Technical Surveillance, and we've been pushing the edge ever since. Our mission is to help government and enterprise organizations understand and manage commercial data risks, shape their digital signatures, and operate with confidence in an increasingly complex information landscape. We build and integrate advanced, tech-forward solutions to problems our customers often don't know they have - until it matters most. We move fast, think critically, and deliver where it counts. What's in it for you? We work hard and do fun things. You'll work on high-impact, technically challenging problems alongside a team that values teamwork over competition. Veilant offers a solid work-life balance and flexible remote work options. At Veilant, you'll work with the most talented software developers, systems engineers, and subject matter experts, building tools and systems that make a real difference. Job Description Veilant is looking for an Application Security Engineer to join our InfoSec team and help validate, secure, and continuously improve software developed by internal and partner engineering teams. This role is ideal for someone who combines a software engineering foundation with an attacker mindset. You will review major and minor software releases before deployment, identify and validate vulnerabilities, create proof-of-concept demonstrations where appropriate, and provide practical remediation guidance that developers can act on. You will not simply file security tickets and move on. You will work closely with engineering teams to understand application architecture, business logic, user workflows, data sensitivity, and production environments so that your findings are accurate, contextualized, and useful. You will work collaboratively across Veilant's software, DevSecOps, and infrastructure teams. In this role, you will:
- Audit software releases across major and minor cycles to intercept and remediate security flaws before deployment.
- Analyze source code to identify, isolate, validate, and contextualize vulnerabilities in complex application codebases.
- Build safe proof-of-concept examples to demonstrate exploitation paths and verify the real-world impact of discovered risks.
- Contextualize findings based on application business logic, user workflows, data sensitivity, and production use cases.
- Author clear remediation guidance and partner with development teams to implement effective patches, controls, or architectural mitigations.
- Intercept and analyze application-layer network traffic using tools such as Burp Suite or similar intercepting proxies to inspect encrypted payloads, API calls, and authentication flows.
- Assess and help secure core architectures across REST APIs, SQL databases, PostgreSQL, JWT/OAuth, identity providers, and token-based authentication mechanisms.
- Perform threat modeling for web applications based on use cases, data flows, user roles, trust boundaries, and production environments.
- Improve DevSecOps pipelines by integrating, tuning, and operationalizing SAST, DAST, SCA, IaC scanning, secrets detection, and container security tooling.
- Support container runtime security efforts using monitoring and runtime protection tools such as Falco, NeuVector, or similar technologies.
- Create standardized security reporting that translates technical findings into clear risk narratives for both engineering teams and executive stakeholders.
- Ability to obtain a Security Clearance
- 2+ years of software development experience in Java.
- Hands-on experience reviewing or securing applications built with Java Spring Boot, Angular, REST APIs, SQL databases, and PostgreSQL.
- Working knowledge of authentication and authorization technologies, including JWT, OAuth, identity providers, Entra, Keycloak, and token-based access models.
- Experience intercepting, decrypting, manipulating, and analyzing web or application network traffic.
- Demonstrated ability to find, validate, and explain vulnerabilities in a real codebase.
- Familiarity with CI/CD tools such as GitLab CI, Azure DevOps, or GitHub Actions.
- Experience with containerized environments and orchestration tools such as Kubernetes.
- Exposure to infrastructure-as-code and container scanning tools such as Trivy, Kubesec, or similar technologies.
- Understanding of cloud hosting environments such as Azure or AWS.
- Familiarity with secrets management tools such as GitLab Secrets Manager, AWS KMS, Azure Key Vault, or Ansible Vault.
- Experience with automated application security testing, including SAST, DAST, and SCA.
- Familiarity with runtime security and monitoring tools for containers, such as Falco, NeuVector, or similar platforms.
- Hands-on web security testing experience using Burp Suite or comparable tooling.
- Strong written communication skills, including the ability to write reports for both technical and non-technical audiences.
- OSWE, OSCP, and/or GXPN certifications are highly desirable.
- Innovative Environment: Work in a setting where your ideas and expertise are valued.
- Collaborative Culture: Be part of a team that supports each other and works toward shared goals.
- Career Growth: Opportunities for professional development and career advancement.
- Flexible PTO + holidays
- Generous 401k match benefit up to 10%, with an automatic 3% safe harbor contribution and additional matching based on employee contributions.
- Medical (HSA & PPO Plans Available), dental, vision, disability, and life insurance
- Employer Contribution to Health Savings Account (HSA)
- Learning & Development opportunities
- Professional coaching services
- Get the technology you want to do your job
- We have free daily snacks & drinks
- Must be able to remain in a stationary position 50% of the time. The person in this position needs to occasionally move about inside the office
- Constantly work with computers and other information technology equipment
- The ability to communicate information and ideas in a classroom style format, may stand at a podium for long periods of time
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Application Security Engineer in McLean, VA vacancy
$150.2k - $225.4k
...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful... ...information. About the role: Rubrik is seeking an Application Security Engineer. In this role, you will be responsible for ensuring that...SuggestedWork experience placementLocal areaRemote workShift work$135k - $200k
...Application Security Engineer Palantir builds the world's leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions...SuggestedWork experience placementWork at officeRemote workWork from homeRelocation package- ...Senior Application Security Engineer Software Guidance & Assistance, Inc., (SGA), is searching for a Senior Application Security Engineer for a contract assignment with one of our premier regulatory clients in Rockville, MD. The main function of the senior application...SuggestedContract work
- ...Title : Application Security Engineer Location : Rockville, MD or McLean, VA Target Start Date : ASAP Type : contract Pay Rate: DOE The Senior Application Security Engineer is responsible for designing, implementing, and advancing...SuggestedContract workImmediate start
$110k
...Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must...SuggestedFull time- SourcePro Search is conducting a search for an experienced Senior Application Security Engineer in Washington, DC. The ideal candidate will serve as subject matter expert integrating secure design for applications and services within the system development lifecycle. This...
- CGI Njoyn is looking for a Technical Analyst - Application Engineer in Washington, DC. This permanent full-time role requires expertise in software development and will involve automating processes within CGI's Momentum financial management system at a government agency...Permanent employmentFull time
$210k - $230k
Upside is seeking an experienced Security Engineer to identify and mitigate application vulnerabilities. This role requires expertise in application security and a deep understanding of AWS architecture. Responsibilities include innovating security solutions and conducting...Work at office- NewGen Technologies is seeking an Applications Developer to support onsite incident response for U.S. Government customers experiencing cyber-attacks. The role involves software design, troubleshooting, and integration to enhance incident response capabilities. Applicants...
$108.6k - $181k
...Job Description Summary About the Role: We're seeking a highly skilled and experienced Senior Application Engineer with a strong background in technical solution design, system integration, and precise cost estimation for large-scale EPC (Engineering, Procurement...Contract workRemote workRelocation package- ...Healthshare Application Engineer We are currently looking for a HealthShare Application Engineer for a 100% remote position supporting a... ...administration, production support, automation, CI/CD processes, security integrations, and system performance optimization. This...Remote workMonday to FridayShift workWeekend workAfternoon shift
- ...Role Summary The Application Engineer is responsible for developing and maintaining software applications to support the company's business operations. Main Responsibilities and Duties Develop and maintain software applications. Collaborate with the engineering team to...
- ## Job Description# Sr Applications Engineer**Location:** Falls Church, Virginia (Remote) **Employment Type:** Contract to Perm* Implement and... ...Active Directory Services and manage application security, including Single-Sign-On and Certificate Management.* Ensure...Permanent employmentContract workRemote work
- ...Application Engineer Project Overview: Professional services engagement: implement advanced features within their software, specifically Wealth and Retirement suite of products--Omni2 Suite: large record-keeping system for pension plans, 401k, etc. Has 13-15 surrounding...
- ...Electrical Applications Engineer - Ashburn, VA This position is also available onsite with OEM firms or with Solutions Providers in: Pittsburgh PA, Wake Forest NC, Raleigh NC, Atlanta GA, Orangeburg SC, or remote with a Manufacturing Rep Firm in any major city in...Work at officeRemote work
$89.6k - $218.2k
...6-2126 - Permanent Full Time Title Senior Forward Deployed Application Engineer Location Arlington, Virginia, United States Job Description... ...workflows; the primary focus is building maintainable, secure, integrated solutions. Responsibilities Lead design and implementation...Permanent employmentFull timeLocal area- ...for IT legal support services, specifically in the eDiscovery area. The ideal candidate will have experience programming complex applications and should be a U.S. citizen with strong communication skills. This full-time position involves developing and maintaining...Full time
- A technology and services firm is seeking an experienced IT legal support provider in Washington, DC. The role requires substantial programming expertise and involves developing complex programs for litigation support. Ideal candidates will have at least two years of relevant...
- A leading financial institution is seeking a Remote Engineer III for Hogan Applications, responsible for technical analysis, design, and implementation within a critical banking environment. Candidates should have extensive experience in Hogan architecture and application...Remote job
- VetsEZ is seeking a HealthShare Application Engineer (Remote Opportunity) to join our remote team. The engineer should have experience and knowledge to design, code, test, debug, and document software in a variety of programming languages. The candidate must reside within...Remote job
$75k - $175k
Appian is seeking an Application Engineer to design and deliver enterprise applications using Appian and AI. This position requires in-office attendance in McLean, Virginia, 5 days a week. Responsibilities include building web-based applications, integrating systems, and...Work at office$62.9k - $153.3k
Title Forward Deployed Application Engineer Location Arlington, Virginia, United States Job Description CGI Federal is looking for a Forward... ...upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government...Local area- ...skills and experience managing complex programs in a litigation environment. Responsibilities include developing and maintaining applications, translating requirements, and refining programs to enhance efficiency. The role requires substantial programming experience and...Full time
- Job Title: LMS Programmer (tomigrate from Cornerstone Saba LMS to Docebo LMS) Location: Hybrid, Rockville, MD or Tysons Corner, VA Key Requirements/Top Skills: Previously migrated from Cornerstone Saba LMS toDecebo LMS 6+ years' Lead Programming Experience Java AWS...
- VetsEZ is seeking a HealthShare Integration Engineer to join our remote team. The candidate will be able to support an alternative schedule... .... Help in Tier 3 support of the InterSystems HealthShare Application and related technologies. Installation and Configuration of...Remote jobShift workNight shiftAfternoon shift
$92.3k - $166.85k
Via Logic LLC is seeking qualified applicants to support network operations for a significant opportunity with a Health Agency in... ...Montgomery County, MD. The positions available include Network Engineers, Security Engineers, System Administrators, and Network Architects....Contract work- ...This is a newly created senior developer role focused on establishing the company’s core competency in agentic AI systems. The engineer will design, develop, and deploy advanced autonomous AI agents, build foundational frameworks for future AI use cases, and integrate...
- Application Cyber Security Engineer Elite Technical is seeking a Software Focused Cyber Security Engineer to support our customer with DevSecOps, DevOps, AWS Cloud Security, Cloud Migration related tasks. Although this position is primarily remote, monthly visits to...Contract workWork at officeRemote work
- Base One Technologies is seeking a skilled Test Engineer located in Arlington, Virginia, to define and perform test assignments for complex software and hardware systems. The candidate will engage in test planning and execution, develop automated and manual test methods...
- Dovel Technologies, Inc in Washington, DC is looking for a Junior Application Support Specialist to provide Tier I and II support for enterprise systems. You will help resolve user issues and maintain application stability. The ideal candidate has a Bachelor’s degree in...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
Related searches
- application engineering manager McLean, VA
- senior application security engineer McLean, VA
- application performance engineer McLean, VA
- senior application support engineer McLean, VA
- senior app developer McLean, VA
- software applications developer McLean, VA
- app developer McLean, VA
- senior application developer McLean, VA
- network security engineer McLean, VA
- information technology security engineer McLean, VA

