164 application security engineer jobs at 92 companies in Washington, DC

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
1mo
Save
Mark Applied
Hide
Application Security Engineer
Washington, District of Columbia, United States
$180k-$200k/yr RemoteFull Time
Virtru
Virtru: Provides data-centric encryption and privacy control software for organizations.
4+ YOE4+ years in application security or secure development, strong cryptography and web security knowledge, experience with Node.js and Go, SAST/DAST/IAST/SCA tooling, vulnerability programs (bug bounty, pentest), and familiarity with cloud infra (GCP/AWS) and Kubernetes preferred.
Node.js, Go, Trusted Data Format (TDF), SAST, DAST, IAST, SCA, Burp, ZAP, Qualys, Nessus, GCP, AWS, Kubernetes, Slack, Zoom
2mo
Save
Mark Applied
Hide
Application Security Engineer 3
Arlington, Virginia, United States
OnsiteFull Time
Bloomberg Industry Group
Bloomberg Industry Group: Provides legal, tax, and government intelligence and news services.
5+ YOELead application security engineering, design scalable security architectures, perform risk assessments, integrate security across the SDLC, and drive automation.
Python, Java, JavaScript, SAST, DAST, SCA, IaC, Container, Cloud Security, Kubernetes, DevSecOps
1mo
Save
Mark Applied
Hide
Application Security Engineer
Fort Meade, Maryland, United States
$87k-$198k/yr OnsiteFull Time
Booz Allen Hamilton
Booz Allen HamiltonNYSE: BAH: Provides technology and management consulting services to diverse organizations.
4+ YOE4+ years DoD enterprise security architecture, F5 BIG-IP expertise, DoD IL Clouds/on‑prem, VMware/NSX-T, SD-WAN, Secret clearance, HS diploma or GED.
F5 BIG-IP, VMware NSX-T, LTM, APM, ASM, SD-WAN, RDP, SSH, TLS, PKI
1w
Save
Mark Applied
Hide
Staff Security Engineer, Application Security
Chicago or California or Colorado or Florida or Georgia or Illinois or Indiana or Minnesota or Missouri or Montana or New Jersey or New York or North Carolina or Ohio or Oregon or Pennsylvania or South Carolina or Texas or Utah or Vermont or Virginia or Washington or Washington or Wisconsin
$210k-$260k/yr HybridFull Time
NinjaTrader
NinjaTrader: Provides futures brokerage services and a trading software platform.
7+ YOE7+ years in application/product/security engineering; hands-on threat modeling, vulnerability management, secure design, CI/CD integration, automation using Python/Go; experience with cloud-native AWS/GCP environments.
AWS, GCP, Python, Go, SAST, SCA, DAST, CI/CD, AI/LLMs
1mo
Save
Mark Applied
Hide
Staff Application Security Engineer
Washington, District of Columbia, United States
$150k-$173k/yr OnsiteFull Time
The Nuclear Company
The Nuclear Company: Deploys standardized nuclear reactors for utility-scale energy generation.
4+ YOE4+ years in application/product/software security; experience with secure SDLC tooling (GitHub Advanced Security, CodeQL, Dependabot, SAST/SCA/DAST), familiarity with AWS security, ability to read code (Python, TypeScript, Go, Java, C#, C++), strong communication and offensive-security mindset.
GitHub, GitHub Advanced Security, CodeQL, Dependabot, SAST, SCA, DAST, Palantir Foundry, AWS, IAM, CI/CD, Python, TypeScript, Go, Java, C#, C++, OWASP ASVS, OWASP Top 10, OWASP API Security Top 10, NIST CSF, NIST 800-53, SOC 2, IEC 62443, NERC CIP
1mo
Save
Mark Applied
Hide
Application Security Engineer
Hanover, Maryland, United States
$166k-$295k/yr OnsiteFull Time
ManTech
ManTech: Provides technology solutions for defense and intelligence agencies.
11+ YOETS/SCI with poly required. 11–15+ years experience in systems security, software engineering, or computer science. Hands-on C/C++ or C#, ability to read Java, experience with software assurance tools and source code analysis.
C, C++, C#, Java, Rust, Ada, x86_64, PowerPC, MIPS, ASM, Klocwork, CodeSonar, Fortify, CodePeer, IDA Pro, Fortran-Lint
1mo
Save
Mark Applied
Hide
Staff, Application Security Engineer - Product Security
Bentonville or Herndon
$110k-$220k/yr OnsiteFull Time
Walmart
WalmartNYSE: WMT: Multinational retail operating discount stores and supermarkets.
4+ YOE4+ years application security experience with Bachelor's or 6+ years without; expertise in secure architecture, threat modeling, SAST/SCA, OWASP, automation of security validation, and strong communication skills.
SAST, SCA, OWASP
3w
Save
Mark Applied
Hide
Application Security Engineer
Tysons, Virginia, United States
HybridFull Time
Veilant
Veilant: Protecting operations, personnel, and data from emerging surveillance threats.
2+ YOEAbility to obtain security clearance; 2+ years Java development; experience with Java Spring Boot, Angular, REST APIs, SQL/PostgreSQL, JWT/OAuth; hands-on web security testing (Burp Suite); CI/CD (GitLab CI, Azure DevOps, GitHub Actions); Kubernetes and container/runtime security; familiarity with SAST/DAST/SCA and secrets management.
Java, Java Spring Boot, Angular, REST APIs, SQL, PostgreSQL, JWT, OAuth, Entra, Keycloak, Burp Suite, GitLab CI, Azure DevOps, GitHub Actions, Kubernetes, Trivy, Kubesec, Falco, NeuVector, GitLab Secrets Manager, AWS KMS, Azure Key Vault, Ansible Vault, SAST, DAST, SCA, IaC, CI/CD
14h
Save
Mark Applied
Hide
Security Engineer, Infrastructure Application Security
Herndon, Virginia, United States
OnsiteFull Time
Amazon
AmazonNASDAQ: AMZN: Global online retail and cloud computing technology provider.
Bachelor's in engineering/CS, knowledge of system vulnerabilities and remediation, experience with web protocols and threat modeling, coding/scripting experience, penetration testing knowledge.
AWS, Python, Perl, Bash, PowerShell, HTTP, DNS, TCP/IP
1mo
Save
Mark Applied
Hide
Application Security Engineer
Fort Meade or Columbus or Ford Island or Hill AFB or Mechanicsburg or Pensacola or San Antonio or Scott AFB
$87k-$198k/yr HybridFull Time
Booz Allen Hamilton
Booz Allen HamiltonNYSE: BAH: Consulting and technology services for government and commercial clients
4+ YOE4+ years in DoD enterprise architectures and in-depth F5 BIG-IP experience;Secret clearance;HS diploma or GED.
F5 BIG-IP, VMware, NSX-T, SD-WAN, TLS, PKI
4w
Save
Mark Applied
Hide
Principal Cloud Application Security Engineer
Arlington or United States
$182k-$239k/yr RemoteFull Time
Interos
Interos: Automated platform for supply chain risk intelligence.
12+ YOE12+ years in information/cloud/application security; 5+ years AWS, Docker, Kubernetes; 2+ years Terraform; cloud security, IaC, incident response, CI/CD integration; bachelor's or equivalent; strong communication.
AWS, Docker, Kubernetes, Terraform
3w
Save
Mark Applied
Hide
Web Application Security Engineer (AppSec / DevSecOps)
Washington, District of Columbia, United States
HybridFull Time
Essnova Solutions
Essnova Solutions: Provides professional and technical services to government entities.
Experience in application security, secure SDLC, vulnerability assessment, WAF, CI/CD/DevSecOps integration, and familiarity with federal frameworks (NIST, FedRAMP); Public Trust clearance or ability to obtain.
SAST, DAST, Software Composition Analysis (SCA), Web Application Firewall (WAF), CI/CD, DevSecOps, AWS, Microsoft Azure, OWASP Top 10, NIST, FedRAMP
1w
Save
Mark Applied
Hide
Web Developer / Application Security (AppSec) Engineer
Washington, District of Columbia, United States
OnsiteFull Time
ASSYST
ASSYST: An IT firm specializing in digital transformation, DevSecOps, cybersecurity, and AI integration for government agencies.
Experience with secure SDLC, DevSecOps automation, vulnerability remediation, and protecting web applications; development experience with REST APIs, SQL, .NET/C#, JavaScript, Python, Node.js, React, TypeScript; familiarity with SIEM, IDS/IPS, EDR/NDR, Wireshark; U.S. citizenship required; security certifications preferred.
REST APIs, SQL, .NET/C#, JavaScript, Python, Node.js, React, TypeScript, SIEM, IDS/IPS, EDR/NDR, Wireshark, WAF, NIST, FISMA, FedRAMP
2d
Save
Mark Applied
Hide
Lead Security Application Engineer
Alexandria, Virginia, United States
$115k-$150k/yr OnsiteFull Time
3SI Security Systems
3SI Security Systems: Provides GPS tracking and surveillance for asset protection.
4+ YOE4+ years VMS/PSIM experience, team leadership, networking and video streaming expertise, Microsoft SQL Server/SQL skills, active U.S. Secret clearance, and ability to travel up to 50% OCONUS.
Surveill, VMS, PSIM, Microsoft SQL Server, SQL, TCP/IP, h.264, h.265, Multicast, Unicast
1w
Save
Mark Applied
Hide
Security Automation Application Engineer
Linthicum, Maryland, United States
$104k-$218k/yr OnsiteFull Time
CACI
CACINYSE: CACI: Provides information technology and professional services to government clients.
Active TS/SCI with Polygraph; strong analytics development background; proficiency in Python; experience with RMF, system authorization, and vulnerability management (e.g., Nessus); 4+ years experience typical depending on degree.
Python, Pig, PySpark, AWS Lambda, Nessus Vulnerability Scanner
1w
Save
Mark Applied
Hide
Security Automation Application Engineer
Linthicum Heights, Maryland, United States
$104k-$218k/yr OnsiteFull Time
CACI International
CACI InternationalNYSE: CACI: Provides information technology and engineering services for government agencies.
Active TS/SCI with polygraph, strong analytics development background, proficiency in Python, experience with system authorization, RMF, and vulnerability management; multi-year technical experience as specified by education.
Python, Pig, PySpark, AWS Lambda, Nessus Vulnerability Scanner, Risk Management Framework (RMF)
4d
Save
Mark Applied
Hide
Application Engineer 4 (Cloud)
Linthicum Heights, Maryland, United States
OnsiteFull Time
Themis Insight
Themis Insight: Provides technical consulting and data analytics for national security.
TS/SCI with Polygraph required; deep cloud security experience, ability to design and evaluate secure cloud workloads, strong communication and customer-facing skills, knowledge of cloud security controls and compliance (NIST SP 800-53).
NIST SP 800-53, AWS, Azure, Google Cloud, IAM, AWS Key Management Service, AWS Config, AWS Security Hub, GuardDuty, Inspector, Risk Management Framework
1w
Save
Mark Applied
Hide
Application Engineer Expert Level
Laurel, Maryland, United States
$225k-$305k/yr OnsiteFull Time
Integrity Technology Consultants
Integrity Technology Consultants: Provides engineering and management consulting solutions to US national security.
TS/SCI with polygraph required. Extensive Linux, Kubernetes, VM, Ansible, and troubleshooting experience; experience with OpenStack/VMware/AWS, Apache NiFi, and security hardening (STIG/SSP).
YUM, Kubernetes, Rancher, Ansible, OpenStack, VMware, AWS, Apache NiFi, Docker, Python, MongoDB, Riverbed, SSH, RHEL
1mo
Save
Mark Applied
Hide
Senior Application Developer
Fort Meade, Maryland, United States
$164k-$200k/yr OnsiteFull Time
Belay Technologies
Belay Technologies: Provides specialized technology and engineering services to the DoD.
12+ YOESecurity clearance TS/SCI with poly; 12+ years software engineering; reverse engineering, development, and analyst skills.
C, C++, Python, Assembly, Reverse Engineering, Networking
2w
Save
Mark Applied
Hide
Application Developer
Reston, Virginia, United States
OnsiteFull Time
ASRC Federal
ASRC Federal: Provides engineering and IT services to federal government agencies.
2+ YOEU.S. citizenship with ability to obtain security clearance; Bachelor's in CS/Engineering; 2+ years software development; proficiency with Java, JavaScript, relational databases, Git, HTML/CSS/JSON/XML; strong analytical and communication skills.
Java, JavaScript, PostgreSQL, Oracle, Git, HTML, CSS, JSON, XML, XSLT, XSD, Python, Android, Jenkins, Jira, Confluence, REST, SOAP

Explore Jobs

Expand Your Job Search