Security Engineer - Software 3

Hybrid 3 days onsite / 2 days remote in either Tysons Corner, VA or Rockville, MD

Our client seeks a senior application security engineer to plan, coordinate, and implement application security practices across the software development life cycle. The role will involve vulnerability evaluation, tool selection, solution implementation, secure code review, and support for remediation. The engineer will collaborate with development and DevSecOps teams to integrate security into CI/CD pipelines and will prepare documentation, training, and guidance aligned to industry standards.

We can facilitate w2 and corp-to-corp consultants. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $70.00 to $80.00/hr. w2

JN -062026-107468

• Perform application security assessments and manual penetration testing using tools such as Burp Suite and proxy tools.
• Triage SAST, DAST, and IAST results to identify, prioritize, and support remediation of vulnerabilities.
• Integrate security practices into CI/CD pipelines to support DevSecOps initiatives.
• Maintain documentation of findings, remediation plans, and compliance requirements.
• Develop and interpret security policies and procedures and participate in compliance efforts.
• Develop and deliver security awareness and technology training.
• Evaluate and recommend new and emerging security products and technologies.
• Leverage GenAI technologies to scale reviews and automate code analysis.
• Evaluate security tooling and capabilities including SAST, DAST, IaC, and secrets detection tools.
• Stay current with emerging threats and countermeasures.
• Train and explain common security issues to raise awareness among developers and assurance engineers.
• Perform AWS configuration reviews.

• 5+ years of experience in cybersecurity and application security.
• Familiarity with SAST, DAST, and IAST tools.
• Understanding of AWS.
• Deep understanding of OWASP Top issues and remediation guidelines.
• Proficiency in one or more programming languages, preferably Java, Python, or JavaScript.
• Understanding of CI/CD tools such as Jenkins and GitLab.
• Familiarity with GenAI tools is a plus.
• Strong technical knowledge across security engineering, system and network security, authentication and security protocols, cryptography, and application security.
• Software development background is a plus.
• Experience implementing security solutions consistently.
• Experience with infrastructure or application-level vulnerability testing and auditing.
• Certifications such as GWAPT, OSWE, or Burp Suite Certified Practitioner are beneficial.

Bachelor's degree in computer science, computer engineering, or a related field.

Recruitment Transparency Notice

Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team ( [email protected] , 781-808-2924) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group’s use of these tools, including AI tools, as part of the application and hiring process.

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

· When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.

· Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group.

If you have any indication of fraudulent activity, please contact [email protected] .

About Eliassen Group:

Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients’ capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve.

Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws.

Don’t miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!