At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.
Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.
Requisition: 1380
Job Title: Application Security Engineer
Clearance Level: Public Trust - Ability to obtain a security clearance
Location: REMOTE
SUMMARY:
Work together with the client and application community to maintain a resilient security posture for highly visible applications.
JOB DUTIES AND RESPONSIBILITIES:
· Remediate application security flaws in conjunction with the application security team.
· Lead security discussions with the application teams to prescribe security best practices within their development lifecycle.
· Perform dynamic and static application performance testing, perform security requirements creation or generation-level threat modeling leveraging tools, including SD Elements, and perform application-level testing using applications such as Burp Suite.
· Work with the latest OWASP frameworks.
ADDITIONAL SKILLS & QUALIFICATIONS
Required Skills:
Burp Suite and Veracode are currently the areas of focus.
Linux command line knowledge
6+ years of Information Technology experience
3+ years of experience with supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Burp Suite
1+ year of experience with supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode
2+ years of experience with Java, Python, .NET, or C#
3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, network, or infrastructure services
Experience with Eclipse, JDeveloper, including pipeline development, or Visual Studio
Experience with securing enterprise web applications and OWASP Top 10, CVSS, CWE, WASC, and SANS-25
Knowledge of federal compliance standards, including NIST 800-53, FIPS, or FedRAMP
2+ years experience working in Linux based environments, including navigating and troubleshooting basic website connectivity issues
Additional Qualifications:
Experience with Interactive Application Security Testing (IAST) capabilities and tools
Experience with HackerOne
Experience with Selenium
Experience writing bash scripts
Experience with OWASP ZAP or Burp Proxy
Education, Background, and Years of Experience
IT related bachelor's degree
WORKING CONDITIONS
· Monday - Friday position.
Strength Demands
· Light – 20 lbs. Maximum lifting with frequent lift/carry up to 10 lbs. A job is light if less lifting is involved but significant walking/standing is done or if done mostly sitting but requires push/pull on arm or leg controls.
