Lead Software Security Engineer

Application security, code analysis, WebInspect, automation, scripting, Python, Node.js, Perl, web services
Full Time, Long Term
Telecommuting not available Travel not required

Job Description

Valiant Solutions is seeking a Lead Software Security Engineer with experience coding and scripting to join our growing team supporting a large Government Agency in Arlington, VA. The successful candidate must possess and be able to demonstrate technical skills and engineering attitude for success, dedication and commitment.


Valiant Solutions is a Cybersecurity company delivering cutting-edge security solutions to our Government clients specializing in Cloud Security, Security Engineering, and Federal GRC.  This is your chance to work with a wide range of security technologies for a company that cares about its employees - Valiant has been named one of the Best Places to Work in the DC area FOUR years in a row! We offer an excellent benefits package (see highlights below) and opportunities for advancement. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now! 


Salary will be based on qualifications and education. All candidates must be US citizens with the ability to successfully pass a Federal background and strict credit check.


Experience Requirements:

  •        Hands-on experience working with application security in the realms of smoke testing, error handling, static code analysis, pre-commit hooks, attack mapping, container security, continuous monitoring, authentication, session management and dependency mapping as well as penetration test tooling like Burp Suite, Metasploit and WebInspect
  •        Vulnerability Management, Threat Vector Analysis, Intrusion Detection and Prevention, Incident Management and Response, Web Application Security, Risk Assessment and Mitigation Methodologies
  •        Proficiency in building and automating efficient and effective scripts from scratch with languages such as Python, Node.js, sh, Perl, etc.
  •        Experience applying knowledge of information security concepts and theories through technical and non-technical methods.
  •        Solid understanding of cyber security threats, risks, vulnerabilities, and attacks, giving insight into threat actor motives, capabilities, and techniques.
  •        Experience with WebInspect, AppScan Source, Fortify, Veracode, Sonatype or Blackduck platform
  •        Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures is expected.


Skills / Competencies:

  •        Understanding of web service technologies such as XML, JSON, SOAP, and REST
  •        Thorough understanding of security methodologies and frameworks like SSDLC, MITRE ATT&CK, NIST CSF and OWASP Testing Guide v4
  •        Strong coding skills in multiple common languages such as C#, Python, Ruby, Perl, Go, PHP and SQL and working knowledge of network and web related protocols TCP/IP, UDP, IPSEC, HTTP/S and BGP
  •        Identify and remediate XSS, CSRF, SSRF, RCE and other attack surfaces
  •         Security compliance regimes: NIST, PCI-DSS, ISO 27000, CIS, etc.
  •         Background in J2EE, web frameworks, and .NET is a plus



  •        Security engineer to test, advise and consult on application security for internal and external web systems and applications.
  •        Verify findings as needed with application development team
  •        Perform manual source code review for security vulnerabilities
  •        Write formal security assessment report for each application
  •        Perform bug hunting/penetration testing, threat modeling, risk analysis and thorough reporting to Security, Dev and Ops teams
  •        Identify and remediate XSS, CSRF, SSRF, RCE and other attack surfaces
  •        Demonstrated ability to meet deliverables, timetables, and deadlines.
  •        Knowledge of current and emerging security and information technology standards and practices.
  •        Experience conducting vulnerability assessments and articulating security issues to technical and non-technical audience.

       •        Other activities to ensure performance and the information security program



About Valiant Solutions:

Valiant Solutions is a security focused IT solutions provider with both public and private sector clients nationwide.  As named one of the fastest growing privately held companies by Inc5000 and Best Places to Work in the DC area by WBJ, Valiant Solutions provides its employees with great benefits and opportunities for advancement. At the same time, we understand that our employees need the right balance between professional growth and personal life. We are looking for individuals that are passionate about the mission they support and are committed to the customers they serve. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today. 


Benefits Snapshot (includes, but not limited to):

Valiant pays 99% of the Medical, Dental, and Vision Coverage for FTE

Valiant contributes 25% towards Health Coverage for Family and Dependents

100% Paid Short Term Disability and Life Insurance Policy for FTE

100% Paid Certifications

401K Matching up to 4%

Paid Time On – 40 hours to pursue innovation

Valiant University – Online Education and Training Portal

Reimbursement for Public Transit and Parking

FSA programs for: Medical Costs, Dependent Care, Transit, and Parking

Referral Bonuses


Equal Opportunity Employer:

Valiant Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex/gender, pregnancy, religion, age, marital status, sexual orientation, military/veteran status, disability, genetic information/history or any other personal characteristic protected by law.


Physical Demands

Must be able to remain in a stationary position 50% of the time and also be able to occasionally move about inside the office to access file cabinets, office machinery, etc.

Must be able to constantly operate a computer and other office productivity machinery, such as a copy machine, and computer printer.

Must be able to communicate, detect, converse with, discern, convey, express one self, and exchange information visually and verbally.

Must be able to occasionally bend and lift files and papers up to 10 pounds throughout the office space for events and meetings.


Work Environment:

Individual's primary workstation is located in an office area

The noise level in this environment is low to moderate


Authorization to Share Resume and Personal Information:

By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

Dice Id : 10119134
Position Id : HLM_FSE
Have a Job? Post it

Similar Positions

Cyber Security Penetration Tester
  • Leidos
  • Washington, DC
Vulnerability Specialist/Penetration Tester
  • Eliassen Group
  • Washington, DC
Application Security Engineer
  • Solu Technology Partners
  • Washington, DC
Application Security Specialist - REMOTE
  • 10525742
  • Remote; Any Location In The U.s., DC
Cyber security Pen Tester Associate and Managers
  • The Judge Group
  • Alexandria, VA
Active Cyber Defense Analyst - G
  • Next Step Systems
  • Greenbelt, MD
Senior Application Security Engineer
  • Rockhammer Talent Solutions
  • Suitland, MD
Application Security Engineer
  • Booz Allen Hamilton
  • Mclean, VA
Web Security Engineer
  • Vision Info Tech
  • Suitland, MD
Senior Penetration Tester
  • ApplyLogic Consulting Group, LLC
  • Laurel, MD