165 application security engineer jobs at 89 companies in Frederick, MD
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Virtru: Provides data-centric encryption and privacy control software for organizations.
4+ YOE4+ years in application security or secure development, strong cryptography and web security knowledge, experience with Node.js and Go, SAST/DAST/IAST/SCA tooling, vulnerability programs (bug bounty, pentest), and familiarity with cloud infra (GCP/AWS) and Kubernetes preferred.
Node.js, Go, Trusted Data Format (TDF), SAST, DAST, IAST, SCA, Burp, ZAP, Qualys, Nessus, GCP, AWS, Kubernetes, Slack, Zoom
Booz Allen HamiltonNYSE: BAH: Provides technology and management consulting services to diverse organizations.
4+ YOE4+ years DoD enterprise security architecture, F5 BIG-IP expertise, DoD IL Clouds/on‑prem, VMware/NSX-T, SD-WAN, Secret clearance, HS diploma or GED.
Chicago or California or Colorado or Florida or Georgia or Illinois or Indiana or Minnesota or Missouri or Montana or New Jersey or New York or North Carolina or Ohio or Oregon or Pennsylvania or South Carolina or Texas or Utah or Vermont or Virginia or Washington or Washington or Wisconsin
$210k-$260k/yrHybridFull Time
NinjaTrader: Provides futures brokerage services and a trading software platform.
7+ YOE7+ years in application/product/security engineering; hands-on threat modeling, vulnerability management, secure design, CI/CD integration, automation using Python/Go; experience with cloud-native AWS/GCP environments.
ManTech: Provides technology solutions for defense and intelligence agencies.
11+ YOETS/SCI with poly required. 11–15+ years experience in systems security, software engineering, or computer science. Hands-on C/C++ or C#, ability to read Java, experience with software assurance tools and source code analysis.
WalmartNYSE: WMT: Multinational retail operating discount stores and supermarkets.
4+ YOE4+ years application security experience with Bachelor's or 6+ years without; expertise in secure architecture, threat modeling, SAST/SCA, OWASP, automation of security validation, and strong communication skills.
AmazonNASDAQ: AMZN: Global online retail and cloud computing technology provider.
Bachelor's in engineering/CS, knowledge of system vulnerabilities and remediation, experience with web protocols and threat modeling, coding/scripting experience, penetration testing knowledge.
Web Application Security Engineer (AppSec / DevSecOps)
Washington, District of Columbia, United States
HybridFull Time
Essnova Solutions: Provides professional and technical services to government entities.
Experience in application security, secure SDLC, vulnerability assessment, WAF, CI/CD/DevSecOps integration, and familiarity with federal frameworks (NIST, FedRAMP); Public Trust clearance or ability to obtain.
SAST, DAST, Software Composition Analysis (SCA), Web Application Firewall (WAF), CI/CD, DevSecOps, AWS, Microsoft Azure, OWASP Top 10, NIST, FedRAMP
3SI Security Systems: Provides GPS tracking and surveillance for asset protection.
4+ YOE4+ years VMS/PSIM experience, team leadership, networking and video streaming expertise, Microsoft SQL Server/SQL skills, active U.S. Secret clearance, and ability to travel up to 50% OCONUS.
CACINYSE: CACI: Provides information technology and professional services to government clients.
Active TS/SCI with Polygraph; strong analytics development background; proficiency in Python; experience with RMF, system authorization, and vulnerability management (e.g., Nessus); 4+ years experience typical depending on degree.
CACI InternationalNYSE: CACI: Provides information technology and engineering services for government agencies.
Active TS/SCI with polygraph, strong analytics development background, proficiency in Python, experience with system authorization, RMF, and vulnerability management; multi-year technical experience as specified by education.
Themis Insight: Provides technical consulting and data analytics for national security.
TS/SCI with Polygraph required; deep cloud security experience, ability to design and evaluate secure cloud workloads, strong communication and customer-facing skills, knowledge of cloud security controls and compliance (NIST SP 800-53).
ASRC Federal: Provides engineering and IT services to federal government agencies.
2+ YOEU.S. citizenship with ability to obtain security clearance; Bachelor's in CS/Engineering; 2+ years software development; proficiency with Java, JavaScript, relational databases, Git, HTML/CSS/JSON/XML; strong analytical and communication skills.