Application Security Engineer
Leidos · Ashburn, VA · Today
On-siteInformation Technology$108k–$195k/yrFull-time
About the role
The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Cyber Security Directorate (CSD) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBPSOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.
Primary Responsibilities
- Ensure continuous monitoring of all CSD managed applications and implement an alerting system for critical incidents
- Participate in market research to identify new security solutions as required to avoid obsolescence and to improve the overall security posture
- Develop, deploy, maintain, and/or assist in the implementation and integration of Machine Learning (ML) and Artificial Intelligence (AI) into CBP’s security tool suite
- Utilize SAST tools to analyze source code for vulnerabilities
- Work closely with development teams and ISSOs to remediate identified security issues
- Conduct security assessments using Microfocus WebInspect and other DAST tools
- Collaborate with development teams to address and remediate dynamic security findings
- Implement and manage container security tools, with a focus on Anchore, to ensure secure container deployments
- Provide recommendations for secure container orchestration
- Establish and maintain the definitive current basis for control and status accounting of application systems and their configuration items
- Select configuration items at appropriate levels for application products to facilitate documentation, control
- Tune logging capabilities for efficiency, identify shortfalls, and recommend improvements and new technologies for application logging
- Support the CSD Service Desk in managing and executing the Vulnerability Identification and Remediation process for applications.
Basic Qualifications
- BS degree in Information Technology, Software Engineering, or related field and 8 – 12 years of prior relevant experience
- 3+ years of prior experience in application security with a focus on SAST, SCA, DAST
- Knowledge of secure coding practices and integration into SDLC
- Familiarity with common security frameworks and standards
- Strong programming/scripting skills
- Excellent communication and collaboration skills
- Working in an Agile project management environment
- Must have a Top Secret Clearance with SCI
- Must be able to report into the Ashburn VA office up to 5 days per week
Preferred Qualifications
- Master’s with 1-2 years of prior experience in application security with a focus on SAST, SCA, DAST
- Experience with data engineering tools such as Kubernetes/Rancher, Cloudera
- Experience with Configuration Management and IaC tools such as Salt or Ansible
- Experience with scripting languages, CI/CD tools, Elasticsearch, or Gitlab
- Experience working in an air-gapped environments
- Experience working in large computing environments (> 1,000 end-points)