Application Security Engineer
Veilant
Job Description Veilant is looking for an Application Security Engineer to join our InfoSec team and help validate, secure, and continuously improve software developed by internal and partner engineering teams. This role is ideal for someone who combines a software engineering foundation with an attacker mindset. You will review major and minor software releases before deployment, identify and validate vulnerabilities, create proof‑of‑concept demonstrations where appropriate, and provide practical remediation guidance that developers can act on. You will not simply file security tickets and move on. You will work closely with engineering teams to understand application architecture, business logic, user workflows, data sensitivity, and production environments so that your findings are accurate, contextualized, and useful. You will work collaboratively across Veilant’s software, DevSecOps, and infrastructure teams. In this role, you will: Audit software releases across major and minor cycles to intercept and remediate security flaws before deployment. Analyze source code to identify, isolate, validate, and contextualize vulnerabilities in complex application codebases. Build safe proof‑of‑concept examples to demonstrate exploitation paths and verify the real‑world impact of discovered risks. Contextualize findings based on application business logic, user workflows, data sensitivity, and production use cases. Author clear remediation guidance and partner with development teams to implement effective patches, controls, or architectural mitigations. Intercept and analyze application‑layer network traffic using tools such as Burp Suite or similar intercepting proxies to inspect encrypted payloads, API calls, and authentication flows. Assess and help secure core architectures across REST APIs, SQL databases, PostgreSQL, JWT/OAuth, identity providers, and token‑based authentication mechanisms. Perform threat modeling for web applications based on use cases, data flows, user roles, trust boundaries, and production environments. Improve DevSecOps pipelines by integrating, tuning, and operationalizing SAST, DAST, SCA, IaC scanning, secrets detection, and container security tooling. Support container runtime security efforts using monitoring and runtime protection tools such as Falco, NeuVector, or similar technologies. Create standardized security reporting that translates technical findings into clear risk narratives for both engineering teams and executive stakeholders. What You Will Accomplish in Your First Six Months Within your first six months, success in this role will look like: Building a repeatable AppSec review process for major and minor software releases, helping engineering teams identify and resolve security issues before deployment. Integrating and improving SAST, DAST, and SCA checks in CI/CD pipelines so that security testing becomes a reliable part of the development lifecycle rather than a late‑stage blocker. Establishing threat modeling practices for web applications using common frameworks and applying them to Veilant’s Angular front‑end, Java Spring Boot back‑end, REST APIs, SQL databases, and authentication flows. Partnering with engineering and software teams to improve secure coding practices through practical feedback, remediation guidance, and collaborative reviews. Implementing best practices in container runtime security , including visibility, monitoring, and runtime protections for containerized workloads. Writing standardized security reports that clearly communicate risk, impact, and remediation steps for both executive‑level stakeholders and engineering teams. Qualifications What We Are Looking For Strong candidates will bring: Ability to obtain a Security Clearance 2+ years of software development experience in Java. Hands‑on experience reviewing or securing applications built with Java Spring Boot, Angular, REST APIs, SQL databases, and PostgreSQL. Working knowledge of authentication and authorization technologies, including JWT, OAuth, identity providers, Entra, Keycloak, and token‑based access models. Experience intercepting, decrypting, manipulating, and analyzing web or application network traffic. Demonstrated ability to find, validate, and explain vulnerabilities in a real codebase. Familiarity with CI/CD tools such as GitLab CI, Azure DevOps, or GitHub Actions. Experience with containerized environments and orchestration tools such as Kubernetes. Exposure to infrastructure‑as‑code and container scanning tools such as Trivy, Kubesec, or similar technologies. Understanding of cloud hosting environments such as Azure or AWS. Familiarity with secrets management tools such as GitLab Secrets Manager, AWS KMS, Azure Key Vault, or Ansible Vault. Experience with automated application security testing, including SAST, DAST, and SCA. Familiarity with runtime security and monitoring tools for containers, such as Falco, NeuVector, or similar platforms. Hands‑on web security testing experience using Burp Suite or comparable tooling. Strong written communication skills, including the ability to write reports for both technical and non‑technical audiences. OSWE, OSCP, and/or GXPN certifications are highly desirable. The Kind of Person Who Will Thrive Here You will do well in this role if you are curious, collaborative, and comfortable working across both code and security. You know how to speak with developers in practical terms, explain risk without creating unnecessary friction, and help teams ship secure software without slowing the mission down. You are someone who can move from reviewing source code, to analyzing an API request, to modeling a threat scenario, to writing a report that an executive can understand. You enjoy solving problems at the root cause, not just documenting symptoms. Additional Information Why You’ll Love Working Here: Innovative Environment: Work in a setting where your ideas and expertise are valued. Collaborative Culture: Be part of a team that supports each other and works toward shared goals. Career Growth: Opportunities for professional development and career advancement. Here are some Perks! Flexible PTO + holidays Generous 401k match benefit up to 10%, with an automatic 3% safe harbor contribution and additional matching based on employee contributions. Medical (HSA & PPO Plans Available), dental, vision, disability, and life insurance Employer Contribution to Health Savings Account (HSA) Professional coaching services Get the technology you want to do your job We have free daily snacks & drinks Physical Requirements Must be able to remain in a stationary position 50% of the time. The person in this position needs to occasionally move about inside the office Constantly work with computers and other information technology equipment The ability to communicate information and ideas in a classroom style format, may stand at a podium for long periods of time We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran status, or any other characteristic protected by law. We are proud to be an equal opportunity workplace. If you require a reasonable accommodation to apply for a position with Veilant through its online applicant system, please contact Veilant's Talent Management Department at View phone number on click.appcast.io or contact us throughe-mail at contact_us@ veilant.com #J-18808-Ljbffr
- ...ll work with the most talented software developers, systems engineers, and subject matter experts, building tools and systems... ...difference. Job Description Veilant is looking for an Application Security Engineer to join our InfoSec team and help validate, secure...SuggestedWork at officeRemote workFlexible hours
- ...customers’ business challenges, Take2 will work as a partner to best resolve client needs. Take2 is hiring a Senior Application Security Engineer. This is a fully remote role. Job Description ~6+ years of Information Technology experience ~3+ years of experience...SuggestedFull timeRemote work
- ...Job Description Application Security Engineer Strategy (Nasdaq: MSTR) • Tysons Corner, VA • Full-time, 5 days/week on-site Job Description Join Strategy's IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy...SuggestedFull time
- ...What You'll Do: Collaborate with a team of engineers to implement * specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications. Work with Development, DevOps and Security teams to identify and develop automated...SuggestedWork experience placement
- ...public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a... ...more. Who we’re looking for: We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security...SuggestedContract workRemote work
$160k
...NO STUDENT VISA CANDIDATES FOR THIS ROLE! Required Qualifications: Minimum of 5 years experience working "hands-on" in application security engineering Hands‑on experience with Fortify, Veracode, Tenable, Black Duck, or similar platforms Hands‑on experience with either...2 days per week- Responsible for leading application security engineering efforts, designing scalable security architectures, performing advanced risk assessments, integrating security across the SDLC, driving AI‑related security controls, evaluating vendor solutions, scaling automation...
- Integral Federal, Inc. is seeking an AI-Advanced Technician to provide AI application and infrastructure support for the Defense Nuclear Facilities Safety Board (DNFSB) network. Responsibilities include designing and developing AI applications and implementing machine learning...
$140k - $160k
...Location: Washington DC (US-DC-Washington) Overview Edgewater is currently seeking an Application Security Engineer who will be a hands‑on subject matter expert in Microsoft Azure cloud technologies, application security, security architectures, security tools, and methodologies...Contract workLocal areaRemote work$110k
...Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must...Full time$150.2k - $225.4k
...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful... ...information. About the role: Rubrik is seeking an Application Security Engineer. In this role, you will be responsible for ensuring that...Work experience placementLocal areaRemote workShift work- ...your expertise and challenge your skills in this exciting IT Security Engineering opportunity! We are seeking an experienced IT Security... ...Department. In this role, you will provide IT security support for applications and software systems in all platforms as well as providing...Work experience placement
$135k - $200k
...Application Security Engineer Palantir builds the world's leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions...Work experience placementWork at officeRemote workWork from homeRelocation package- ...Eliassen Group is seeking an experienced IT Security Engineer in Washington DC to provide security support for applications across various platforms. The role involves defining security frameworks, conducting penetration tests, and ensuring compliance with security standards...
- Senior Application Security Engineer (WAF) 3956 Get AI-powered advice on this job and more exclusive features. Direct message the job poster from Tier4 Group About the Role Job Title: Sr. Application Security Engineer Location: Greater DC Area (2 days per week onsite hybrid...Permanent employmentFull time2 days per week
$150k - $173k
The Nuclear Company is seeking an experienced Application Security Engineer to help secure vital software and data systems. You will work closely with product and platform engineering teams to embed security into all stages of software development. This role is suited for...$166k - $200k
Senior Technical Security Application Engineer, Secured Spaces Washington, District of Columbia, United States Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the...Full timeContract workWork experience placement$150k - $173k
...nuclear industry toward rapid development in America and globally. About the role The Nuclear Company is searching for an Application Security Engineer to help secure the software, data systems, and developer workflows that power our Nuclear Operating System, internal...Bi-weekly payWork at office$66.59k - $110k
...Application Engineer Tyler Technologies is seeking an application engineer to design, develop, and support high-performance web-based applications using our low‑code platform for business process management. In this role you will work closely with cross‑functional teams...Work experience placementLocal area$115k - $150k
...safer. As a global leader in innovative security technology, we help businesses and law... ...innovation, trust, and collaboration. From engineering to sales and support, every role... ...something that matters. The Lead Security Application Engineer also internally known as our Lead...Full timeWorldwideFlexible hours- Application Cyber Security Engineer Elite Technical is seeking a Software Focused Cyber Security Engineer to support our customer with DevSecOps, DevOps, AWS Cloud Security, Cloud Migration related tasks. Although this position is primarily remote, monthly visits to...Contract workWork at officeRemote work
- ...skills and experience managing complex programs in a litigation environment. Responsibilities include developing and maintaining applications, translating requirements, and refining programs to enhance efficiency. The role requires substantial programming experience and...Full time
$62.9k - $153.3k
Position Description CGI Federal is looking for a Forward Deployed Application Engineer to deliver client‑facing applications, integrations, and automation that streamline operations and improve business processes. This role is software development-focused and requires...Local area- A leading financial institution is seeking a Remote Engineer III for Hogan Applications, responsible for technical analysis, design, and implementation within a critical banking environment. Candidates should have extensive experience in Hogan architecture and application...Remote job
$89.6k - $218.2k
Senior Forward Deployed Application Engineer Category: Software Development/ Engineering Main location: United States, Virginia, Arlington... ...existing workflows; the primary focus is building maintainable, secure, integrated solutions. This position is located in...Full timeLocal area- ...software solutions that enable military operators, national security agencies, spectrum regulators, and system integrators to... ...CRFS seeks a versatile and proactive Senior Field Applications Engineer (FAE) to serve as the primary technical bridge between our...Work at officeRemote workRelocationFlexible hours
$85k - $120k
...reporting and troubleshooting purposes. Work with our sales engineering team to ensure the successful operation of our partner and client... ...for this position. Job Details Seniority level: Not Applicable Employment type: Full‑time Job function: Information Technology...Full timeWorldwideMonday to FridayWeekend work- ...Technology we are dedicated to delivering internal, intelligent applications that simplify operations, automate workflows, and drive AI‑... ...is technical in nature, it is not a traditional software engineering position. Job Description Appian is looking for an Associate...Work at officeLocal areaWorldwide
$85k - $120k
A leading event technology provider in Virginia is seeking a full-time Software Support professional. The role includes providing software support, troubleshooting technical issues, and working with technical teams for integrations. Ideal candidates should have a BS in ...Full time- Accenture is seeking a Mainframe Application Programmer in Arlington, Virginia, to support the ADMIN and CARMS applications. The ideal candidate will have over 5 years of experience utilizing CICS, JCL, COBOL, and more, to drive innovation within the mainframe environment...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
- senior application support engineer Falls Church, VA
- senior application security engineer Falls Church, VA
- app developer Falls Church, VA
- aws cloud security engineer Falls Church, VA
- senior cloud security engineer Falls Church, VA
- director enterprise applications Falls Church, VA
- application security lead Falls Church, VA
- application team lead Falls Church, VA
- oracle apps technical consultant Falls Church, VA
- cash app Falls Church, VA

