Application Security Engineer

Job description

Leidos is seeking an Application Security Engineer as part of our DevOps team in support of a large-scale, complex Software program within the Department of Justice. This role focuses on securing the application including identifying vulnerabilities in code, designing security controls, conducting code reviews and perform penetration tests, with the goal of proactively preventing security breaches by inserting security measures throughout the software development lifecycle. Responsibilities: Lead security integration efforts across the software development lifecycle. Manage and maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues. Identify vulnerabilities in code and work with developers to remediate them. Automate security testing in CI/CD pipelines. Conduct advanced threat modeling and oversee secure architectural choices. Manage security incident response and remediation efforts. Mentor developers on secure coding practices and conduct training sessions. Track and report progress on security vulnerabilities in formal reviews. Establ...