Application Security Engineer

Hybrid 3 days onsite in Tysons Corner, VA

A private, non‑governmental entity that functions as a self‑regulatory organization, responsible for oversight, enforcement, and dispute resolution within the securities industry, following the consolidation of earlier regulatory organizations. The organization is currently seeking an Application Security Engineer to support its technology and security initiatives.

We can facilitate w2 and corp-to-corp consultants. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $70.00 to $80.00/hr. w2

Responsibilities

• Perform security assessments and manual application penetration testing using Burp Suite and related proxy tools.
• Triage SAST, DAST, and IAST results to identify, prioritize, and support remediation of vulnerabilities.
• Integrate application security controls into CI/CD pipelines to support DevSecOps.
• Maintain documentation for findings, remediation plans, and compliance requirements.
• Develop and interpret security policies and procedures and participate in compliance efforts.
• Develop and deliver general security awareness and technology-specific training for developers and assurance engineers.
• Evaluate and recommend emerging security products and technologies.
• Leverage GenAI technologies to scale security reviews and automate code analysis.
• Evaluate application security tools and capabilities including SAST, DAST, IaC, and secrets detection.
• Monitor and stay current with emerging security threats and countermeasures.
• Conduct AWS configuration reviews.

Experience Requirements

• 5+ years of experience in cybersecurity and application security.
• Hands-on experience with SAST, DAST, and IAST tools.
• Proficiency with manual application penetration testing using Burp Suite or similar tools.
• Strong knowledge of OWASP Top 10 issues and remediation practices.
• Understanding of AWS services and security configurations.
• Experience integrating security into CI/CD using tools such as Jenkins and GitLab.
• Proficiency in one or more programming languages, with Java, Python, or JavaScript preferred.
• Strong background in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
• Experience with infrastructure or application-level vulnerability testing and auditing.
• Experience consistently implementing security solutions.
• Familiarity with GenAI tools (preferred).
• Software development background (preferred).
• Certifications such as GWAPT, OSWE, or Burp Suite Certified Practitioner (preferred).

Education Requirements

• Bachelor's degree in computer science, computer engineering, or a related technical field.
• Certifications such as GWAPT, OSWE, or Burp Suite Certified Practitioner.
• AWS-related certifications (preferred).

Recruitment Transparency Notice

Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team ( [email protected] , 781-808-2924) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group’s use of these tools, including AI tools, as part of the application and hiring process.

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

About Eliassen Group:

Eliassen Group is a leading strategic consulting company for human-powered solutions. For over 30 years, Eliassen has helped thousands of companies reach further and achieve more with their technology solutions, financial, risk & compliance, and advisory solutions, and clinical solutions. With offices from coast to coast and throughout Europe, Eliassen provides a local community presence, balanced with international reach. Eliassen Group strives to positively impact the lives of their employees, clients, consultants, and the communities in which they operate.

Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Don’t miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!