Application Security Engineer

Razor Talent LLC

$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity or related field (or equivalent experience)
  • Experience in application security, secure software development, or DevSecOps
  • Knowledge of secure software development lifecycle (SSDLC) principles
  • Experience with application security testing methodologies like SAST and DAST
  • Strong analytical and problem-solving skills
  • Excellent written and verbal communication skills
  • Familiarity with DoD or Federal cybersecurity environments

Responsibilities

  • Integrate security into the software development lifecycle (SDLC)
  • Perform application security assessments and code analysis
  • Conduct various security testing activities like SAST and DAST
  • Collaborate with software developers to remediate vulnerabilities
  • Support secure software design reviews and threat modeling
  • Develop security best practices for development teams
  • Analyze security findings and recommend mitigation strategies

Benefits

  • Medical, dental, and vision insurance
  • Paid time off and holidays
  • 401(k) with company match
  • Professional development opportunities
  • Comprehensive benefits to support employees' health and well-being
Full Job Description
Razor is looking for an Application Security Engineer to support the Defense Client Data Center (DMDC) Cyber PRIMES program by integrating security throughout the software development lifecycle and protecting enterprise applications supporting critical Department of Defense missions. The role focuses on application security, secure software development, vulnerability management, DevSecOps, and security testing to ensure enterprise applications meet DoD cybersecurity and compliance requirements.

Education & Certification Requirements: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Software Engineering, or a related field (or equivalent experience). Relevant DoD 8140 certifications and industry certifications are preferred and may be required based on program requirements.

Clearance Requirements: Active DoD Secret clearance required. Some positions may require Top Secret/SCI clearance. U.S. Citizenship required.

Location: Seaside, CA or Alexandria, VA (Mark Center). Flexible for occasional telework; candidates must reside locally.

Responsibilities:
  • Integrate security throughout the software development lifecycle (SDLC) to support secure application development
  • Perform application security assessments, code analysis, and vulnerability identification for enterprise applications
  • Conduct Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and other security testing activities
  • Partner with software developers and DevSecOps teams to remediate application vulnerabilities and strengthen application security
  • Support secure software design reviews, architecture assessments, and threat modeling activities
  • Develop secure coding guidance and security best practices for development teams
  • Support implementation of DevSecOps security controls and automated security testing within CI/CD pipelines
  • Analyze security findings and recommend mitigation strategies to reduce application risk
  • Support Risk Management Framework (RMF) activities and ensure application compliance with DoD cybersecurity requirements
  • Develop security documentation, assessment reports, and technical recommendations
  • Collaborate with cybersecurity engineers, architects, and program stakeholders to strengthen enterprise application security

Qualifications:
  • Experience supporting application security, secure software development, or DevSecOps initiatives
  • Knowledge of secure software development lifecycle (SSDLC) principles and secure coding practices
  • Experience performing application security testing, vulnerability analysis, and remediation
  • Experience with SAST, DAST, SCA, or similar application security testing methodologies
  • Experience supporting CI/CD pipelines and automated security testing
  • Knowledge of common application security risks, including the OWASP Top 10
  • Familiarity with secure software architecture, threat modeling, and code review practices
  • Experience supporting Department of Defense or Federal cybersecurity environments
  • Strong analytical, troubleshooting, and problem-solving skills
  • Excellent written and verbal communication skills

Desired Skills:
  • Top Secret/SCI clearance
  • Security+, CISSP, CSSLP, GIAC, CEH, or other DoD 8140-compliant certifications
  • Experience supporting DevSecOps environments and cloud-native application security
  • Experience with GitLab, Jenkins, Azure DevOps, GitHub, SonarQube, Checkmarx, Fortify, Veracode, or similar security tools
  • Experience supporting container security, Kubernetes, Docker, or Infrastructure as Code (IaC) security
  • Knowledge of NIST RMF, NIST 800-53, Zero Trust Architecture, and DoD cybersecurity requirements
  • Experience supporting enterprise Department of Defense application environments

Benefits Overview: Razor offers a comprehensive benefits package which may include medical, dental, and vision insurance, paid time off, holidays, 401(k) with company match, professional development opportunities, and other competitive benefits designed to support the health and well-being of our employees.

Similar Jobs

More Jobs at Razor Talent LLC

More Information Technology Jobs

Find similar Application Security Engineer jobs: