Application Security Engineer

Hybrid in Reston, VA, US • Posted 9 hours ago • Updated 4 hours ago
Contract W2
6 Months
Hybrid
Depends on Experience
Company Branding Image
Fitment

Dice Job Match Score™

👤 Reviewing your profile...

Job Details

Skills

  • SDLC
  • DevSecOps
  • Cloud Security
  • vulnerability management
  • OWASP
  • API security
  • SAST
  • DAST
  • IAST
  • SCA
  • manual penetration testing
  • secure code review
  • threat modeling.
  • CNAPP
  • CSPM
  • KSPM
  • CWPP
  • cloud native security platforms
  • CrowdStrike
  • AWS
  • IAM
  • EC2
  • S3
  • Lamda
  • EKS
  • CloudTrail
  • Security Hub
  • Guard Duty
  • Kubernetes
  • container security
  • Amazon EKS
  • pod security
  • RBAC
  • network policies
  • container hardening
  • best practices.
  • native controls frameworks
  • NIST CSF
  • NIST 800-53
  • ISO 27001
  • SOC2
  • CIS Benchmarks
  • MITRE ATT&CK or similar frameworks.
  • CI/CD platforms
  • DevOps toolchain
  • secure pipeline practices
  • artifact management
  • secrets protection
  • code signing.
  • infrastructure-as-code and policy-as-code practices using tools such as Terraform
  • Helm
  • CloudFormations
  • Rego/OPA
  • java

Summary

Hiring! Sr. Application Security and Mid level App. Security Engineer for our direct client located in Reston, VA. Seeking W2 Candidates that are located in Wash. DC, MD, VA or WVA.

(this is not a Network Sec position).  We will not respond to C2C requests.

Preferred Qualifications:

  • Strong hands-on experience in Application security, secure SDLC, DevSecOps , Cloud Security and vulnerability management.
  • Deep understanding of OWASP top 10, API security top 10, common vulnerability classes, secure coding practices, and modern exploit techniques.
  • Hands-on experience with security testing tools and techniques, including SAST, DAST, IAST, SCA, manual penetration testing, secure code review, and threat modeling.
  • Extensive experience with CNAPP, CSPM, KSPM, CWPP or cloud native security platforms, preferably tools such as Wiz, CrowdStrike or similar solutions.
  • Hands-on experience securing cloud environments, preferable AWS, including services such as IAM, EC2, S3, Lamda, EKS, CloudTrail, Security Hub, Guard Duty, or similar services.
  • Deep knowledge of Kubernetes and container security, including Amazon EKS, pod security, RBAC, network policies, image security, runtime security, and container hardening best practices.
  • Direct experience mapping application and cloud native controls to frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC2, CIS Benchmarks, MITRE ATT&CK or similar frameworks.
  • Strong working knowledge of CI/CD platforms, DevOps toolchain and secure pipeline practices, including building security, artifact management, secrets protection, and code signing.
  • Experience working directly with development teams to explain security findings, recommend practical remediation and validation fixes.
  • Hands-on experience securing AWS cloud environments, including strong understanding of IAM, networking, logging, monitoring, encryption, workload security, and cloud security posture management.
  • Experience with infrastructure-as-code and policy-as-code practices using tools such as Terraform, Helm, CloudFormation s, Rego/OPA or similar technologies.
  • Strong written and verbal communication skills, with the ability to translate complex technical risks into clear recommendations for developers, architects, leadership and governance stakeholders.
  • Security certifications such as CISSP, AWS certified Security-specialty, CISA, GWEB or similar credentials are preferred.

Licenses/Certifications

  • CISSP Certified Information Systems Security Professional Upon Hire Req or
  • Certified Ethical Hacker (CEH) preferred

If you have the Cyber Sec Skills- select "Apply Now" and a Vega Staffing Specialist will reach out to you,

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: vega
  • Position Id: 14306CyberSec
  • Posted 9 hours ago

Company Info

About Vega Consulting Solutions

Vega Consulting is a recruitment-oriented IT consulting firm. We specialize in contract, contract-to-hire, and permanent IT placement. Our firm has a coast-to-coast presence and currently conducts business with government and commercial entities in 28 states. Utilizing a proprietary recruiting methodology called V*STAR, we offer clients a decisive competitive advantage. We save our clients time and money, preventing them from having to search through unqualified resumes



Top 500 Women-Owned Businesses in USA Since 2003
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

It looks like there aren't any Similar Jobs for this job yet.

Search all similar jobs