Job Title: Application Security Architect / Engineer
Location: Richmond, VA
Employment Type: Contract-to-Hire (6 Months)
Work Model: Hybrid
Position Overview
We are seeking an experienced Application Security Engineer / Architect to support enterprise application security initiatives and partner with development teams to ensure security is embedded throughout the Software Development Life Cycle (SDLC).
In this role, the Application Security Engineer will act as a security advisor to application development teams, providing expertise in secure architecture, vulnerability management, DevSecOps practices, and secure coding standards. The role requires close collaboration with development, QA, and operations teams to integrate security into design, development, testing, and deployment processes.
The successful candidate will help identify security risks, recommend improvements, support compliance requirements, and strengthen the organization's overall security posture through proactive security assessments, vulnerability remediation, and security training initiatives.
Key Responsibilities
Application Security & Architecture
- Provide application security guidance and best practices to development and operations teams.
- Support secure software development practices across the SDLC including Agile and Scrum environments.
- Evaluate application architecture and design for security vulnerabilities.
- Implement and promote secure coding standards and security-by-design principles.
- Conduct secure code reviews to identify vulnerabilities and provide remediation recommendations.
Vulnerability Management
- Identify and remediate application and infrastructure vulnerabilities.
- Address security risks including those listed in the OWASP Top 10.
- Support patch management and vulnerability remediation programs.
- Analyze findings from SAST, DAST, and IAST tools and coordinate remediation with development teams.
Security Tools & Monitoring
- Utilize application security tools and platforms including:
  - SAST / DAST / IAST scanning tools
  - Vulnerability management platforms
  - Security monitoring tools
- Monitor and analyze security events through SIEM tools such as Splunk.
- Investigate security alerts and provide remediation guidance.
Cloud Security
- Implement and evaluate cloud security controls in AWS environments.
- Secure cloud-based architectures including APIs, microservices, and distributed systems.
- Apply security best practices for cloud infrastructure and hybrid environments.
Compliance & Governance
- Ensure compliance with security frameworks and regulatory requirements, including:
  - NIST 800-53
  - IRS Publication 1075
  - PCI-DSS
- Create, maintain, and review System Security Plans (SSPs).
- Support enterprise security governance and risk management initiatives.
Collaboration & Communication
- Collaborate with developers, QA engineers, DevOps teams, and security analysts.
- Provide security training and education to development teams.
- Communicate security risks, remediation strategies, and technical recommendations to both technical and non-technical stakeholders.
- Support enterprise initiatives to improve security posture and risk mitigation strategies.
Required Qualifications
- 5+ years of experience in Application Security.
- 2+ years of experience with network security, firewalls, or AWS Security Groups.
- Experience with vulnerability management, log collection, remediation, or privileged access management.
- Strong understanding of security concepts, network protocols, and threat vectors.
- Hands-on experience with SIEM, IDS/IPS, EDR, and security monitoring tools.
- Strong analytical, troubleshooting, and problem-solving skills.
- Excellent communication, collaboration, and documentation skills.
- Ability to work independently and in a team environment in a fast-paced setting.
Technical Skills
Security Tools
- Splunk
- InsightVM (Rapid7)
- Tenable
- CyberArk
- Veracode
- Jenkins
Infrastructure & Platforms
- Linux and Windows Operating Systems
- OS hardening and baseline security
- IIS and Apache servers
- Firewall configuration and management
Programming & Scripting
- SQL
- PowerShell
- Scripting languages
Cloud & DevOps Skills
- AWS security controls and best practices
- Infrastructure as Code (IaC) using Terraform
- CI/CD pipelines using Jenkins, GitLab CI/CD, or AWS CodePipeline
- Hybrid networking including:
  - VPN
  - AWS Direct Connect
  - Routing and firewall configurations
Required Certifications
At least one of the following certifications is required:
- CompTIA Security+
- ISC2 Certified in Cybersecurity (CC)
- Offensive Security Certified Professional (OSCP)
- Certified Cloud Security Professional (CCSP)
- Certified Secure Software Lifecycle Professional (CSSLP)
Preferred Certifications
Highly desirable certifications include:
- AWS Solutions Architect (Associate or Professional)
- AWS Security Specialty
Additional desirable certifications:
- CompTIA PenTest+
- Certified Ethical Hacker (CEH)
- GIAC Certified Intrusion Analyst (GCIA)
Preferred Experience
- Experience implementing DevSecOps security practices
- Experience securing cloud-native and microservices architectures
- Experience supporting enterprise security operations and governance programs