Application Security Engineer

Job description

Responsibilities We are seeking a highly skilled and innovative Application Security Engineer to join our team in the greater DMV area, supporting the Army National Guard. Key Responsibilities: - Define application security strategy, standards, and SDLC integration points; champion secure-by-design practices across engineering and DevSecOps teams. - Lead threat modeling and secure architecture reviews for applications, APIs, and microservices. - Design, implement, and manage automated security toolchain: SAST, DAST, SCA, IAST, secrets management, and pipeline gating. - Triage, validate, prioritize, and manage remediation of application vulnerabilities; coordinate remediation with developers, platform, and cloud teams. - Conduct exploit validation, root-cause analysis, and coordinate incident response for application security events. - Establish governance for vulnerability lifecycle, release security validation, and compliance reporting. - Develop security requirements, secure coding guidance, checklists, and developer training materials; deliver briefings to technical and executive audiences. - Evaluate emerging application threats and tools; recommend and pilot defensive technolo...