Job Description

Job Description

Position Title:

Senior Application Security EngineerLocation:

Washington, DC (Hybrid)Job Requirements:Strong written and verbal communication skillsMust have GitLab CI/CD pipeline experienceAssist in the development and implementation of the DevSecOps strategy to include the definition and goals of the over-arching framework and methodologiesAssist customers with implementing a secure CI/CD pipeline utilizing DevSecOps principles and practices to increase automation and reduce human involvement in the processReviewing source code for potential security vulnerabilitiesStrong analytical skills to assess risks and vulnerabilities in complex systemsWriting security test cases to check for vulnerabilities or broken/missing security controls.Implement automated security controls as part of CI/CD pipelinesSupport development teams with secure code (DAST, SAST, Dependency, Secret Detection, Container scans, etc.) reviews and other assessments to identify security weaknesses and vulnerabilitiesEstablish and maintain secure coding standards and best practices to provide guidance and training to development teams on security best practicesRecommend cyber defense and vulnerability assessment toolsReview and research monthly continuous monitoring controls documentation tasks that is required by OISContinuous Process Improvement, actively contribute to the development of standardized operating procedures (SOPs) for API security testingCollaborate closely with cross-functional teams, including system administrators and Information System Security Officers (ISSOs)

Security Clearance Requirement:Active Public Trust and eligible to obtain a Secret clearance

Certifications/Licenses:At least Ten (10) years of experience working in cybersecurity or information technology with a bachelor s degree. Minimum of 5 years experience in vulnerability management, application and software security team, Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handlingSolid experience in application security and software development in one or more programming languages such as C#, Java, Python, etcExperience with security tools such as SAST, DAST, IAST, SCA and other security toolsFamiliarity with industry-standard security frameworks such as OWASP, NIST, BSIMM etcExperience with CICD pipeline, security tools integration and secure SDLCKnowledge of current and emerging threats and techniques for exploiting security vulnerabilitiesCISSP, OSCP, any DevSecOps or other related Information Security certificationExperience with cloud-based infrastructure (AWS, Azure, or GCP)Company Description GSC is a leading cyber security and information technology company based in Washington, DC. We are looking to hire a Senior Security Application Engineer to support a full range of cyber security services on a long-term contract in Washington DC. The position is full-time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background and security clearance.

Company Description

GSC is a leading cyber security and information technology company based in Washington, DC. We are looking to hire a Senior Security Application Engineer to support a full range of cyber security services on a long-term contract in Washington DC. The position is full-time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background and security clearance.#J-18808-Ljbffr