Web Application Security Engineer (AppSec / DevSecOps)
Essnova Solutions, Inc.
Job Description
Job Description
Location: Washington, DC Metropolitan Area (Hybrid)
Employment Type: Full-Time
Clearance: Public Trust (Tier 2) or ability to obtain*
About Essnova SolutionsEssnova Solutions is a growing technology consulting firm delivering innovative IT, cloud, cybersecurity, engineering, and digital transformation solutions to Federal Government clients. We are committed to technical excellence, collaboration, and providing our employees with opportunities to solve complex mission challenges.
Position SummaryEssnova Solutions is seeking an experienced Web Application Security Engineer to support a federal customer by integrating security throughout the software development lifecycle (SDLC) and protecting enterprise web applications and APIs from evolving cyber threats. The ideal candidate has experience with application security, secure software development, vulnerability management, DevSecOps, and federal cybersecurity frameworks.
Key Responsibilities- Embed security throughout the Software Development Lifecycle (SDLC).
- Perform web application vulnerability assessments, penetration support, and threat modeling activities.
- Identify, prioritize, and remediate application security vulnerabilities.
- Implement secure coding standards aligned with OWASP Top 10 and industry best practices.
- Configure and maintain Web Application Firewalls (WAF) and application security controls.
- Integrate application security tools into CI/CD pipelines and DevSecOps workflows.
- Monitor application logs and investigate security events affecting web applications and APIs.
- Collaborate with software developers, DevOps engineers, and cybersecurity teams to improve application security posture.
- Support compliance with NIST, FISMA, FedRAMP, and other federal cybersecurity standards.
- Develop security documentation, technical recommendations, and remediation guidance.
- Experience in Application Security (AppSec), Web Application Security, or Product Security.
- Strong knowledge of secure software development practices and Secure SDLC.
- Experience performing vulnerability assessments, threat modeling, and application security testing.
- Knowledge of OWASP Top 10, common web application vulnerabilities, and remediation techniques.
- Experience implementing or supporting Web Application Firewalls (WAF).
- Experience integrating security into CI/CD pipelines and DevSecOps environments.
- Familiarity with federal cybersecurity frameworks including NIST and FedRAMP.
- Excellent analytical, troubleshooting, and communication skills.
- Experience with SAST, DAST, Software Composition Analysis (SCA), or similar application security tools.
- Experience with secure code reviews and developer security training.
- Experience supporting cloud-native applications within AWS and/or Microsoft Azure.
- Experience supporting federal government or highly regulated environments.
- Relevant security certifications such as:
- CSSLP
- OSCP
- OSWE
- GWEB
- CASE
- Security+
- GSEC
- Public Trust (Tier 2) clearance or the ability to obtain and maintain one.*
At Essnova Solutions, you'll join a collaborative team supporting high-impact federal technology initiatives. We invest in our employees by providing opportunities to work with modern cloud technologies, cybersecurity best practices, and mission-critical systems that make a real difference.
- ...seeking a highly skilled Web Developer Security Engineer to support the design, development... ...maintenance of secure web applications and cybersecurity... ...in Application Security (AppSec), Secure Software Development Lifecycle (SSDLC), DevSecOps automation, vulnerability...SuggestedContract workTemporary workWorldwideFlexible hours
$110k - $135k
...cybersecurity, and cutting-edge application development. We pride... ...Program Manager, the Web Developer Embeds security across the SDLC for... ...secure software dev, DevSecOps automation, vulnerability... ...management ~3+ Web AppSec / AppSec Engineering / SSDLC ~ Modern web...Suggested- ...Evolver Federal is seeking a Senior Security Engineer to fulfill a requirement for a potential... ...Lead efforts to integrate security into DevSecOps pipelines and CI/CD workflows. Provide... ...federal systems and mission‑critical applications. Understanding of advanced threat...SuggestedContract workFlexible hours
$86.8k - $198k
...Job Number: R0241887 Cyber Engineer The Opportunity Are you looking... ...to enable a vital national security system to operate in... ...technical role employing DevOps or DevSecOps concepts, including provisioning... ...secure code, OWASP, or application penetration testing or remediation...SuggestedFull timeContract workPart timeWork at officeLocal area$127.5k - $276.2k
...Position Security Engineer III – Permanent Full Time Location Washington, District of Columbia, United... ...access control modernization. Implement DevSecOps security enhancements and secure integration pipelines. Support application hardening, vulnerability remediation, and...SuggestedPermanent employmentFull timeWork at officeLocal area$131.3k - $237.35k
...next Senior Cloud Cybersecurity Engineer , to play a critical role in the... ...systems Implement and manage security controls for containerized applications and the underlying cloud-based... ...infrastructure Collaborate with DevSecOps, infrastructure, and software...Interim roleLocal areaImmediate startFlexible hours$140k - $170k
...Security & Compliance Engineer Join to apply for the Security & Compliance Engineer role at Nominal... ...secure, vetted third‑party software, applications, and libraries. Communicate the Standard... .... ~ General knowledge of DevSecOps and infrastructure concepts, with the...Permanent employmentH1bVisa sponsorshipWork visa- ...seeking a Full Stack Application Developer to support our... ...enhance, and maintain web applications and... ...components to deliver secure, reliable digital capabilities... ...tools, platforms, or engineering practices relevant to... ...delivery, testing, DevSecOps, or performance engineering...Contract work
- ...Federal is seeking a Senior Security Architect to fulfil a requirement... .... Collaborate with SOC, engineering, and operations teams to... ...security controls into systems and applications. Lead architecture efforts... ...integrating security into DevSecOps pipelines and CI/CD environments...Flexible hours
- ...Senior Cybersecurity Engineer Role Summary The Senior Cybersecurity... ...systems, and enterprise applications. Working across on-premises,... ...technology environment remains secure, compliant, and resilient... ...Zero Trust Architecture and DevSecOps practices. Preferred Certifications...Full timeLocal area
$108k - $156k
...hiring, posted today. applications are still in the early... ...thinkers and feelers, engineers and artists. We work hard... ..., and user-friendly web applications that... ...Engineers to deliver secure, scalable, and intuitive... ...coding practices and DevSecOps principles.### Desired...Full timeRemote work- ...Job Description Job Description Web Developer Security Engineer Clearance Requirement: Public Trust... ...Security Engineer to support application security initiatives across web applications... ...design, vulnerability management, DevSecOps integration, security monitoring,...Remote work
- ...Network Security Engineer (Cisco, Palo Alto) About Us: We are a dynamic technology services company based in Washington, DC, specializing in cutting-edge network solutions. We are seeking a skilled Network Engineer to join our team to ensure the seamless operation...Remote work
$99k - $225k
...Senior Vulnerability Analyst to join our Security Operations Center (SOC). The role... ...environments with SOC operations and cybersecurity engineers. Proficiency with enterprise... ...or Tenable. Bachelor’s degree. Vetting Applicants will be subject to a government investigation...Local area- ...We are seeking a Subject Matter Expert (SME)–level Lead Security Engineer to lead application security across a large-scale, cloud-native federal... ...phase of the System Development Life Cycle (SDLC) using a DevSecOps methodology. The ideal candidate will architect and enforce...Contract workWork at officeFlexible hours
- ...for the Full Stack Software Engineer role at Bridge Defense... ...provide full-spectrum national security solutions that combine secure... ...deploy advanced software applications across the government and defense... ..., Docker) ~ Experience in DevSecOps and CI/CD best practices ~...Work at officeRemote workRelocationFlexible hours
- ...The Senior Federal Information Systems Security Engineer (ISSE) serves as a technical integrator responsible for ensuring that system-to-system connections across federal boundaries are properly documented, approved, and compliant with all required cybersecurity and interoperability...Contract workWork experience placementRelocation
$117.2k - $146.6k
...stored energy solutions for industrial applications. We have over thirty manufacturing and... ...location. Job Purpose The Application Security Engineer is responsible for strengthening the... ...application security, secure development, or DevSecOps. Demonstrated experience building and...Full timeTemporary workWork experience placementWork at officeLocal areaRemote workWorldwide$100k - $125k
...updates as new positions become available. Security Clearance: TS/SCI w/ CI Poly... ...Requirements: Mobile Software Reverse Engineering (with support to development and malware... ...Conduct software exploitation against applications, middleware, operating systems (OS) user...Full timeWork experience placement$112k - $179k
...Requirements: Mobile Software Reverse Engineering (supporting development and malware analysis... ...Conduct software exploitation against applications, middleware, operating systems (OS)... ...Peraton is a next-generation national security company supporting missions worldwide....Work experience placementWorldwide- ...IT Security Engineer Zetier seeks experienced IT Security Engineer to support, manage, and secure our rapidly expanding infrastructure. Candidates will demonstrate experience in maintainingmeida deploying, and troubleshooting segmented IT systems. Strong candidates will...
- ...today! Position Overview We are seeking an experienced Senior Security Engineer to work in Washington DC to join our team supporting an... ...meeting all accounting and accessibility standards. Support for Applications and Databases: Provide security support across a range of...For contractorsWork at officeLocal area
- ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits...
- ...Who we are SEI helps advance software engineering principles and practices and serves as... ...resource in software engineering, computer security, and process improvement. The SEI works... ...or must be obtained upon request. Applicants must also meet additional customer-specific...Work at officeRelocation package
- ...Join to apply for the Security Engineer role at HireCapital Join to apply for the Security Engineer role at HireCapital Direct message the job poster from HireCapital Technical Recruiter placing talent at innovative and mission-driven organizations...Permanent employmentFull timeWork at officeRemote work
$75k - $95k
...Join to apply for the Junior Security Engineer role at Tyto Athene, LLC Join to apply for the Junior Security Engineer role at... ...a SIEM for analysis Familiar with multi-tiered network applications, common ports, and protocols used in those communications...16 hoursFull timeWork experience placementRemote work$166k - $220k
...the military in months, not years. ABOUT THE TEAM Anduril's Security Engineering team is looking for a security engineer to focus on... ...candidate data privacy policy, please visit By submitting your application, you consent to Anduril Industries using a third-party service...Full timeWork experience placementImmediate start- ...Join to apply for the Security Engineer role at Jobright.ai 3 days ago Be among the first 25 applicants Join to apply for the Security Engineer role at Jobright.ai Jobright is an AI-powered career platform that helps job seekers discover the top opportunities...Full timeRemote work
- 3 days ago Be among the first 25 applicants Responsibilities & Qualifications... ...Coordinate with the SOC on escalated security incidents. Required Qualifications... ...We are seeking a Lead – Security Engineer to join our team supporting the Transportation...Full timeContract workTemporary workWork at officeMonday to FridayWeekend workDay shiftAfternoon shift
- ...Security Engineer Location: Washington, D.C (On-site M-F at JBAB) Duration: Full Time Clearance: Security Clearance: TS/SCI + required and... ...security infrastructure such as IDSs and HBSS, ensuring system and application performance and health monitoring. Develop and maintain...Full time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Web Application Security Engineer (AppSec / DevSecOps). Be the first to apply!
- web developer specialist Washington DC
- remote junior web developer Washington DC
- junior web developer internship Washington DC
- ecommerce web developer Washington DC
- remote entry level web developer Washington DC
- c# .net web developer Washington DC
- content developer Washington DC
- work from home web developer Washington DC
- web developer internship remote Washington DC
- remote web developer Washington DC


