Application Security Engineer
Clearance Required: Public Trust
Location: Remote, USA
Position Type: Full-Time About the company:
At VivSoft, we aim to solve complex federal problems using emerging and open technologies in a collaborative and rewarding environment. VivSoft is a diverse team of strategists, engineers, designers, and creators experienced in building high performance effective softwares, with impactful organizational design and organizational dynamics for software delivery. We build secure Software Factories based on DoD reference designs and NIST Frameworks for Cloud and DevSecOps. These factories deliver AI/ML Applications, Data Science Platforms, Blockchain and Microservices for DoD, Healthcare and Civilian Agencies Job Summary:
We are seeking an Application Security Engineer to support the modernization of a large-scale enterprise software development platform. This role focuses on securing CI/CD pipelines, enforcing DevSecOps best practices, and implementing automated security testing throughout the SDLC. The engineer will work closely with development and platform engineering teams to embed security into reusable templates, GitHub Actions, and deployment workflows, ensuring applications are built and deployed securely across environments. Key Responsibilities:
- Using GitHub Advanced security, review security findings of the organization.
- Review, validate, and approve request to remediate security findings.
- Review, validate, and approve request to dismiss security findings.
- Collaborate with Federal POC and FDIC security team to create and implement application security processes and standards.
- Identify gaps and design solutions to improve application security at the FDIC.
- Provide guidance to FDIC developers in regard to remediating findings when needed.
- Bachelor’s degree in Computer Science, Engineering, Information Technology, or related field, or equivalent professional experience.
- Proficiency in at least one or two major enterprise languages (e.g., Java, .Net, C#, JavaScript) to effectively review code and understand development context.
- Experience integrating security tools (SAST/DAST/SCA) into CI/CD pipelines to automate vulnerability scanning.
- Proficient in conducting and interpreting results from
- SAST (Static Analysis Security Testing)
- DAST (Dynamic Analysis Security Testing)
- Manual Code Review for security flaws
- Deep understanding of the OWASP Top 10 and other common application security attack vectors (e.g., injection, XSS, broken access control).
- Knowledge of security considerations for large, complex enterprise architectures, which may include Cloud Security (AWS, Azure, or GCP), API security, and microservices.
- Comprehensive Medical, Dental, and Vision Plans (Healthcare benefits are 100% employer-paid for employees only)
- Life Insurance
- Paid Time Off (Flexible/Combined PTO, Bereavement Leave, 11 Company Paid Holidays)
- 401K Retirement Plan with employer match
- Professional Development Training Reimbursement
Recommended Jobs
CDL Driver (Class B)
B&S Contracting, an established asphalt contractor, is seeking a CDL Truck Driver (Class B) for our Staunton location. Candidate must be able to operate a tandem-rear axle truck that may have auxi…
ENT Physician Assistant or Nurse Practitioner - Virginia
Commonwealth Medical Services is seeking a dedicated and experienced ENT Physician Assistant or Nurse Practitioner to join our esteemed medical team. In this role, you will have the opportunity to wo…
216335 - Inspector
Chipton-Ross is seeking an Inspector for a contract opportunity in Manassas, VA. BASIC QUALIFICATIONS (REQUIRED SKILLS/EXPERIENCE): ~Ability to read and interpret engineering drawings. ~1 - 2 ye…
Project Manager
At ABB, we help industries outrun - leaner and cleaner. Here, progress is an expectation - for you, your team, and the world. As a global market leader, we'll give you what you need to make it happen.…
Experienced Live-In Caregiver (PCA/CNA)
Share your love of life and provide compassionate care & joyful companionship to a senior in need by becoming a Live-In Care Specialist! What does a Live-In Angel Care Specialist position enta…
Engineer 1
ProLift Rigging is a privately owned, purpose-driven industrial construction company that has a unique, opportunistic, and growth-oriented culture. OUR PURPOSE To acknowledge and glorify God by…
Direct Support Professional-Residential (3210)
1 st , 2 nd and 3 rd shift Rotation schedule every other weekend RESPONSIBILITIES Provide training and assistance to individuals with developmental disabilities in the areas of hygiene, eati…
System Administrator (IT Operations)
Public Trust: None Requisition Type: Regular Your Impact Own your opportunity to support our nation's defense. Make an impact by connecting and securing critical operations across the glob…
Systems Engineer (Centerville, VA) - Systems Integrator
Ready to design and deliver systems that power enterprise performance? Join a trusted technology solutions provider known for delivering advanced infrastructure, cloud, and cybersecurity services…
Maintenance Technician
At Bozzuto, every team member shares a deep commitment to doing good for those around us . We live this each day by designing, building, managing and maintaining one-of-a-kind residences. Whether it’…