109 application security engineer jobs at 64 companies in Virginia

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
2mo
Save
Mark Applied
Hide
Application Security Engineer 3
Arlington, Virginia, United States
OnsiteFull Time
Bloomberg Industry Group
Bloomberg Industry Group: Provides legal, tax, and government intelligence and news services.
5+ YOELead application security engineering, design scalable security architectures, perform risk assessments, integrate security across the SDLC, and drive automation.
Python, Java, JavaScript, SAST, DAST, SCA, IaC, Container, Cloud Security, Kubernetes, DevSecOps
1mo
Save
Mark Applied
Hide
Application Security Engineer
Richmond or Lynchburg
OnsiteFull Time
Genworth Financial
Genworth FinancialNYSE: GNW: Provides insurance products for aging care and mortgage protection.
5+ YOE5+ years in security engineering with application security/DevSecOps, cloud experience (AWS/Azure/GCP), vulnerability scanning/AST, threat modeling, scripting/programming, and a Computer Science or similar degree.
AST, vulnerability scanning technologies, cloud security tooling, AWS, Azure, GCP, Infrastructure as Code (IaaC), Policy as Code (PaC), CI/CD, SOC2, ISO 27001, NIST 800-53, Java, .NET, HTML, Ruby, PHP, Perl, C#, Python, JavaScript, PowerShell, Bash
1w
Save
Mark Applied
Hide
Staff Security Engineer, Application Security
Chicago or California or Colorado or Florida or Georgia or Illinois or Indiana or Minnesota or Missouri or Montana or New Jersey or New York or North Carolina or Ohio or Oregon or Pennsylvania or South Carolina or Texas or Utah or Vermont or Virginia or Washington or Washington or Wisconsin
$210k-$260k/yr HybridFull Time
NinjaTrader
NinjaTrader: Provides futures brokerage services and a trading software platform.
7+ YOE7+ years in application/product/security engineering; hands-on threat modeling, vulnerability management, secure design, CI/CD integration, automation using Python/Go; experience with cloud-native AWS/GCP environments.
AWS, GCP, Python, Go, SAST, SCA, DAST, CI/CD, AI/LLMs
2mo
Save
Mark Applied
Hide
Cloud Application Security Engineer
Richmond, Virginia, United States
HybridFull Time
Hyper Solutions
Hyper Solutions: Manufactures mission-critical electrical power distribution solutions for data centers.
4+ YOE4–7 years in application/security or cloud security; AWS security services; SAST/DAST/SCA; OWASP Top 10; threat modeling; SOC 2 audits; collaborate with engineers.
AWS, SAST, DAST, SCA, Snyk, Semgrep, OWASP ZAP
3w
Save
Mark Applied
Hide
Senior Application Security Engineer
Seattle or Los Angeles or San Francisco or California or Colorado or Connecticut or Delaware or Hawaii or Illinois or Maine or Maryland or Massachusetts or Minnesota or Nevada or New Jersey or New York or Rhode Island or Virginia or Washington or Washington DC or United States
$141k-$259k/yr OnsiteFull Time
Nordstrom
Nordstrom: Operates luxury department stores and off-price retail outlets.
4+ YOE4+ years in application security or related field; experience shipping security tooling and automation; expert threat modeling, security design review, and manual code review; fluent reading/writing code in Java, Kotlin, C#, or Python; cloud-native and LLM/AI security knowledge.
Java, Kotlin, C#, Python, SAST, SCA, DAST, secrets scanning, GitHub Advanced Security, JFrog Artifactory, AWS, GCP, Azure, Kubernetes, LLM
2mo
Save
Mark Applied
Hide
Staff, Application Security Engineer - Product Security
Bentonville or Herndon
$110k-$220k/yr OnsiteFull Time
Walmart
WalmartNYSE: WMT: Multinational retail operating discount stores and supermarkets.
4+ YOE4+ years application security experience with Bachelor's or 6+ years without; expertise in secure architecture, threat modeling, SAST/SCA, OWASP, automation of security validation, and strong communication skills.
SAST, SCA, OWASP
3w
Save
Mark Applied
Hide
Application Security Engineer
Tysons, Virginia, United States
HybridFull Time
Veilant
Veilant: Protecting operations, personnel, and data from emerging surveillance threats.
2+ YOEAbility to obtain security clearance; 2+ years Java development; experience with Java Spring Boot, Angular, REST APIs, SQL/PostgreSQL, JWT/OAuth; hands-on web security testing (Burp Suite); CI/CD (GitLab CI, Azure DevOps, GitHub Actions); Kubernetes and container/runtime security; familiarity with SAST/DAST/SCA and secrets management.
Java, Java Spring Boot, Angular, REST APIs, SQL, PostgreSQL, JWT, OAuth, Entra, Keycloak, Burp Suite, GitLab CI, Azure DevOps, GitHub Actions, Kubernetes, Trivy, Kubesec, Falco, NeuVector, GitLab Secrets Manager, AWS KMS, Azure Key Vault, Ansible Vault, SAST, DAST, SCA, IaC, CI/CD
1d
Save
Mark Applied
Hide
Security Engineer, Infrastructure Application Security
Herndon, Virginia, United States
OnsiteFull Time
Amazon
AmazonNASDAQ: AMZN: Global online retail and cloud computing technology provider.
Bachelor's in engineering/CS, knowledge of system vulnerabilities and remediation, experience with web protocols and threat modeling, coding/scripting experience, penetration testing knowledge.
AWS, Python, Perl, Bash, PowerShell, HTTP, DNS, TCP/IP
4w
Save
Mark Applied
Hide
Principal Cloud Application Security Engineer
Arlington or United States
$182k-$239k/yr RemoteFull Time
Interos
Interos: Automated platform for supply chain risk intelligence.
12+ YOE12+ years in information/cloud/application security; 5+ years AWS, Docker, Kubernetes; 2+ years Terraform; cloud security, IaC, incident response, CI/CD integration; bachelor's or equivalent; strong communication.
AWS, Docker, Kubernetes, Terraform
3d
Save
Mark Applied
Hide
Lead Security Application Engineer
Alexandria, Virginia, United States
$115k-$150k/yr OnsiteFull Time
3SI Security Systems
3SI Security Systems: Provides GPS tracking and surveillance for asset protection.
4+ YOE4+ years VMS/PSIM experience, team leadership, networking and video streaming expertise, Microsoft SQL Server/SQL skills, active U.S. Secret clearance, and ability to travel up to 50% OCONUS.
Surveill, VMS, PSIM, Microsoft SQL Server, SQL, TCP/IP, h.264, h.265, Multicast, Unicast
4w
Save
Mark Applied
Hide
Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)
Virginia or Maryland or Pennsylvania or North Carolina or Delaware or New Jersey or District of Columbia or United States
RemoteFull Time
GuidePoint Security
GuidePoint Security: Provides cybersecurity consulting, managed services, and integrated technology solutions.
5+ YOE5+ years security engineering experience, proficiency with SAST tools, CI/CD integration, software engineering background, scripting/automation skills, application security fundamentals (OWASP Top 10, threat modeling), strong communication.
Semgrep, Snyk, CodeQL, Checkmarx, Veracode, GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI, IAST, DAST, SCA, NoName, Traceable, Salt, Cequence, Burp Suite, OWASP Top 10, Greenhouse Software, Zoom Scheduler
2w
Save
Mark Applied
Hide
Application Developer
Reston, Virginia, United States
OnsiteFull Time
ASRC Federal
ASRC Federal: Provides engineering and IT services to federal government agencies.
2+ YOEU.S. citizenship with ability to obtain security clearance; Bachelor's in CS/Engineering; 2+ years software development; proficiency with Java, JavaScript, relational databases, Git, HTML/CSS/JSON/XML; strong analytical and communication skills.
Java, JavaScript, PostgreSQL, Oracle, Git, HTML, CSS, JSON, XML, XSLT, XSD, Python, Android, Jenkins, Jira, Confluence, REST, SOAP
2mo
Save
Mark Applied
Hide
Application Developer
Arlington, Virginia, United States
OnsiteFull Time
BlueWater Federal
BlueWater FederalNASDAQ: TTEK: IT, cybersecurity, and engineering services for federal agencies.
2+ YOEActive Secret clearance; US citizenship; 2+ years in C# and/or Java; 2+ years in ASP.NET, HTML5, JavaScript, Ajax, CSS, Java, SQL, XML; 2+ years debugging/modifying apps; Fortify security testing; Security+ certification; DoD IT portfolio experience.
C#, Java, ASP.NET, HTML5, JavaScript, Ajax, CSS, Java, Microsoft SQL, XML, Fortify, Security Testing Tools
1mo
Save
Mark Applied
Hide
Web Application Developer
McLean or United States
OnsiteFull Time
J5 Consulting
J5 Consulting: Provides specialized cybersecurity and technical services to government and commercial clients.
Experience developing modern web applications with JavaScript/TypeScript frameworks, Node.js, RESTful APIs, SQL databases (PostgreSQL/MySQL), containerization (Docker/Podman), AWS, Git, Agile, and strong security and problem-solving skills. US citizenship and active Top Secret clearance with Full Scope Polygraph required.
JavaScript, TypeScript, Angular, React, Vue, Node.js, Express, Koa, Hapi, HTML5, CSS3, ES6+, Sass, PostgreSQL, MySQL, Prisma, Sequelize, Docker, Podman, AWS, Git, ElasticSearch, Terraform, CloudFormation, leaflet.js, Jenkins, JEE, PKI
1w
Save
Mark Applied
Hide
Information Security Engineer
Herndon, Virginia, United States
OnsiteFull Time
Exostar
Exostar: Cloud platforms for secure collaboration in regulated industries.
5+ YOE5+ years securing cloud architectures and implementing technical controls across cloud, identity, PKI, and application environments; experience with audits (SOC 2, ISO 27001), DevSecOps, and working with engineering teams.
Jira, Confluence, Active Directory, Entra ID/Azure AD, SAML, OIDC, MFA, PKI, TLS, VPN/IPSec, Java, APIs, OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, SOC 2, ISO/IEC 27001, CMMC, DLP, HIPS, HIDS
1mo
Save
Mark Applied
Hide
Senior Application Developer
Fairfax, Virginia, United States
$135k-$165k/yr HybridFull Time
GovCIO
GovCIO: Provides technology and mission support services to federal agencies.
12+ YOEActive Secret clearance, 12+ years on large integrated projects (or commensurate experience) with 5+ years Java development; expertise in Java SE/EE, Spring Boot, REST, CI/CD, containerization, and federal security/compliance.
Java, ColdFusion, JavaScript, C#, Java SE/EE, Spring Boot, RESTful services, Maven, Gradle, Git, Jenkins, GitLab CI, Docker, Kubernetes, AWS GovCloud, Microsoft Azure Government
1w
Save
Mark Applied
Hide
Identity & Application Infrastructure Engineer
United States or Chantilly
RemoteFull Time
Red River
Red River: Provides IT solutions and managed services for government and enterprise clients.
5+ YOE5+ years administering enterprise identity, application, infrastructure or cloud platforms; experience with Active Directory, Microsoft Entra ID, Microsoft 365, SQL Server, automation with PowerShell/Power Automate; strong security and compliance experience.
Microsoft Entra ID, Active Directory, Microsoft 365, PowerShell, Power Automate, SQL Server, HelloID, CyberArk, Idira, Passwordstate, Microsoft Power Platform
1d
Save
Mark Applied
Hide
Senior Application Software Engineer
Reston or Austin or Seattle
$87k-$187k/yr OnsiteFull Time
Oracle
OracleNYSE: ORCL: Provides cloud infrastructure and enterprise software for global businesses.
8+ YOEU.S. citizen with active US government security clearance (TS/SCI w/ Poly). 8+ years software development experience, 4+ years with programming/scripting, 3+ years with databases; experience with distributed systems, APIs, and secure development.
Oracle Cloud Infrastructure, AWS, Azure, Google Cloud, RESTful APIs, microservices, CI/CD, Kubernetes, containers, Linux, source control
1w
Save
Mark Applied
Hide
26-6065: Application Developer - DC Metro - Secret
Herndon, Virginia, United States
$80k-$160k/yr OnsiteFull Time
Navitas Business Consulting
Navitas Business Consulting: Provides digital transformation and IT solutions for government agencies.
Experience designing, building, testing, deploying, and maintaining enterprise applications; proficiency with .NET/Java/Python/JavaScript/TypeScript/Node.js, cloud platforms (AWS/Azure/OCI), relational and NoSQL databases, CI/CD and DevSecOps, and secure government environments.
.NET, Java, Python, JavaScript, TypeScript, Node.js, AWS, Azure, OCI, CI/CD, DevSecOps, NoSQL
3mo
Save
Mark Applied
Hide
Software Application Developer
Herndon, Virginia, United States
$50k-$290k/yr OnsiteFull Time
The Swift Group: Providing engineering and cybersecurity services for national security missions.
5+ YOEBS in Computer Science; 5+ years software development; strong React, Java, JavaScript, Node.js, HTML, CSS, PostgreSQL/MySQL/MariaDB, Linux/Bash, AWS; distributed systems; Git repositories; strong fundamentals; collaborative skills; US citizenship with TS/SCI security clearance.
React, Java, JavaScript, Node.js, HTML, CSS, PostgreSQL, MySQL, MariaDB, Linux, Bash, AWS

Explore Jobs

Expand Your Job Search