Jobs · Information Technology · Maryland

Security Software Developer

Vidoori Inc. · Hyattsville, MD · 2 wk ago
HybridInformation TechnologyFull-time

About the role

The Security Software Developer will design, build, and maintain secure software components and developer-focused security tooling. They will collaborate across engineering, product, and security teams to reduce risk, improve runtime protection, and embed security earlier in the development process.

Key Responsibilities

  • Design, implement, and maintain security libraries, SDKs, and application-level protections that are secure by design and easy for engineers to adopt.
  • Develop and integrate security automation and developer tooling into CI/CD pipelines to support shift-left security, automated scanning, and feedback loops.
  • Build runtime defense capabilities such as input validation, secure authentication/authorization flows, secrets handling, and secure configuration management.
  • Author and maintain static and dynamic analysis integrations, custom rules or detectors, and remediation guidance to reduce vulnerability introduction and speed up fixes.
  • Collaborate with application teams to threat-model, define security controls, and ensure secure implementation of features across the development lifecycle.
  • Contribute to secure CI/CD patterns, signing and verification of artifacts, and supply-chain protections to improve provenance and integrity of releases.
  • Implement logging, telemetry, and alerting for security-related events and provide actionable context to support incident detection and response.
  • Participate in vulnerability triage, root cause analysis, and coordinated remediation; contribute to post-incident reviews and preventative measures.
  • Produce clear developer-focused documentation, secure coding guidelines, and runbooks to improve team capability and promote consistent practices.
  • Engage in threat research and proof-of-concept work to evaluate new defensive techniques, open-source tools, and runtime protections.

Essential Skills and Experience

  • Bachelor’s degree in Computer Science, Engineering, or a related discipline, or equivalent practical experience.
  • Proven experience (typically 10+ years) in software development with a focus on security, secure design, or security engineering within cloud-native environments.
  • Strong programming skills in one or more languages commonly used for backend and tooling (e.g., Python, Go, Java, C#).
  • Experience integrating security tooling (SAST, DAST, SCA, dependency scanning) into CI/CD pipelines and developing custom checks or rules.
  • Solid understanding of authentication and authorization standards (OAuth2, OpenID Connect, JWT), secrets management, cryptography basics, and secure session handling.
  • Familiarity with container and orchestration environments (Docker, Kubernetes) and practical experience implementing runtime security controls and image hardening.
  • Experience with cloud platforms (AWS, Azure, or GCP) and applying platform security best practices (IAM, network controls, KMS, secrets stores).
  • Good knowledge of secure development lifecycle concepts, threat modelling, and common vulnerability classes (OWASP Top Ten, SANS CWE).
  • Excellent communication skills with the ability to explain security concepts to developers and stakeholders and to produce clear technical documentation.

Desirable Skills

  • Professional security certifications (CISSP, CSSLP, OSCP, CEH, or cloud provider security certs).
  • Experience with policy-as-code and enforcement (OPA, Gatekeeper), runtime protection (WAF, RASP, eBPF-based tooling) or service mesh security patterns.
  • Familiarity with secure software supply chain practices, artifact signing, SBOMs, and reproducible builds.
  • Practical experience contributing to open-source security projects or developing community-facing security tools.
  • Background in incident response, forensic analysis, or red/blue team exercises and knowledge of common detection strategies.

Benefits and Career Development

  • Competitive base salary with performance-related bonus and incentives linked to technical and delivery outcomes.
  • Flexible working arrangements, including hybrid options to support a healthy work-life balance.
  • Supportive and inclusive culture with investment in professional development, training, and mentorship opportunities.
  • Opportunity to influence security strategy, adopt emerging defensive technologies, and progress into senior technical or security leadership roles.
  • Work on high-impact security and software engineering engagements across public sector and commercial clients.

Application Guidance

  • Location: Hybrid (DMV Area)
  • Employment Type: Full-time, mid to senior-level
  • Eligibility: U.S. Citizenship Required, Public Trust Clearance Necessary

About Vidoori

Vidoori, Inc. is a consulting firm that provides Program Management, Information Technology, and Engineering services for government and commercial clients. Our team's experience and ongoing support span numerous government agencies, including the Census Bureau, Centers for Medicare & Medicaid Services, Department of Defense (Army branch), Department of Homeland Security, Social Security Administration, and Department of Veterans Affairs. We take the experiences we gain to continuously improve upon existing and future efforts, while producing innovative solutions to complex problems. We are committed to providing our partners with a low-cost, low-risk, and high-quality-driven small business partner for their mission-critical needs.

Our Culture

Corporate culture is essential to allow the organization to differentiate itself. Internally, it fosters cohesion and motivation among employees and limits conflicts. Externally, it conveys a positive image and can foster a sense of closeness to the company or even serve as a criterion for choosing a company.

Similar jobs