Benefits:
- 401(k) matching
- Bonus based on performance
- Competitive salary
- Dental insurance
- Health insurance
- Paid time off
- Parental leave
- Training & development
- Vision insurance
POSITION OVERVIEW
Reporting to the Program Manager, the Web Developer embeds security across the SDLC for mission-critical web apps, APIs, and sensitive data. Identifies/remediates vulnerabilities, logic flaws, insecure dependencies, and misconfigurations; drives end-to-end vulnerability lifecycle with threat modeling and validation; advises on secure design patterns and protocols; analyzes web/app logs for IoCs; builds automation for threat-intel integration and incident response; deploys/tunes WAF and FIM; ensures NIST 800-53 / FISMA / FedRAMP compliance and supports audits and authorization.
REQUIRED QUALIFICATIONS
- Ability to obtain a Federal Security Clearance
- Hands-on secure software dev, DevSecOps automation, vulnerability remediation
- Log analysis, FIM, WAF management
- 3+ Web AppSec / AppSec Engineering / SSDLC
- Modern web tech incl. .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, SQL
- AI-assisted dev tools (Copilot, OpenAI API/Codex) + scripting (Python, JS/Node.js, Java, React.js, TypeScript)
- OWASP Top 10 & secure coding; WAF and FIM deploy/tune
- Security testing tools (Wireshark, SIEM, IDS/IPS, NDR, EDR); risk assessment
- DevSecOps CI/CD security gates; security metrics & compliance reporting
- Tier II security ops support
Preferred: Federal framework authorization (NIST 800-53/FISMA/FedRAMP); threat modeling; CI/CD security gate automation; AWS & container security (Docker, Kubernetes).
Education: Bachelor's+ (CS/Cyber/IS/Engineering/related).
Credentials (current): one or more of - AppSec: CSSLP / GWEB / CASE; Offensive: OSWE / OSCP; Foundational: Security+ / GSEC.
Flexible work from home options available.
Compensation: $110,000.00 - $135,000.00 per year