38 appsec engineer jobs at 28 companies in Frederick, MD

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
2mo
Save
Mark Applied
Hide
Lead AppSec Engineer
Los Angeles or Washington or United States
$150k-$220k/yr RemoteFull Time
Virtualitics
Virtualitics: Provides an AI-native platform for readiness and analytics.
Technical leadership in application security with hands-on AI/ML experience, threat modeling, cloud and container security (AWS/GCP/Azure, Docker, Kubernetes), familiarity with SAST/DAST/container scanning and security platforms (Wiz, Snyk, GitHub Advanced Security), and experience designing secure AI workflows.
Claude Code, Cursor, AWS, GCP, Azure, Docker, Kubernetes, Wiz, Snyk, GitHub Advanced Security, SAST, DAST, container scanning, CI/CD
3w
Save
Mark Applied
Hide
Staff AppSec Engineer
Washington or United States
$210k-$230k/yr RemoteFull Time
Upside
Upside: Personalized cashback rewards platform for everyday brick-and-mortar purchases.
6+ YOE6+ years in application/product security, hands-on Python code review, vulnerability management, deep AWS security experience (Lambda, Control Tower), experience integrating AI tools, strong communication; Bachelor's preferred.
GitHub Advanced Security, GitHub Actions, GitHub Copilot, Python, Terraform, AWS, AWS Lambda, DynamoDB, S3, SNS, SQS, IAM, VPCs, AWS Control Tower, ChatGPT, Snowflake, SQL
1w
Save
Mark Applied
Hide
Web Developer / Application Security (AppSec) Engineer
Washington, District of Columbia, United States
OnsiteFull Time
ASSYST
ASSYST: An IT firm specializing in digital transformation, DevSecOps, cybersecurity, and AI integration for government agencies.
Experience with secure SDLC, DevSecOps automation, vulnerability remediation, and protecting web applications; development experience with REST APIs, SQL, .NET/C#, JavaScript, Python, Node.js, React, TypeScript; familiarity with SIEM, IDS/IPS, EDR/NDR, Wireshark; U.S. citizenship required; security certifications preferred.
REST APIs, SQL, .NET/C#, JavaScript, Python, Node.js, React, TypeScript, SIEM, IDS/IPS, EDR/NDR, Wireshark, WAF, NIST, FISMA, FedRAMP
3w
Save
Mark Applied
Hide
Web Application Security Engineer (AppSec / DevSecOps)
Washington, District of Columbia, United States
HybridFull Time
Essnova Solutions
Essnova Solutions: Provides professional and technical services to government entities.
Experience in application security, secure SDLC, vulnerability assessment, WAF, CI/CD/DevSecOps integration, and familiarity with federal frameworks (NIST, FedRAMP); Public Trust clearance or ability to obtain.
SAST, DAST, Software Composition Analysis (SCA), Web Application Firewall (WAF), CI/CD, DevSecOps, AWS, Microsoft Azure, OWASP Top 10, NIST, FedRAMP
2d
Save
Mark Applied
Hide
Sr AWS Application Security Engineer, ADC AppSec
Arlington or Seattle
$178k-$227k/yr OnsiteFull Time
Amazon
AmazonNASDAQ: AMZN: Global online retail and cloud computing technology provider.
4+ YOE4+ years troubleshooting systems and security issues, experience identifying vulnerabilities and remediation, mentoring or tech lead experience; threat modeling and service/microservices security preferred.
1w
Save
Mark Applied
Hide
Web Developer Security Engineer
Washington, District of Columbia, United States
OnsiteFull Time
MicroTech
MicroTech: Provider of IT integration, cloud, and managed services.
3+ YOEBachelor's degree, 3+ years in web application or application security engineering, experience with AppSec tooling, DevSecOps, WAF/FIM, vulnerability management, and federal compliance (NIST/FISMA/FedRAMP).
.NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, SQL, Python, Node.js, TypeScript, Java, React.js, Web Application Firewall (WAF), File Integrity Monitoring (FIM), SIEM, IDS/IPS, EDR, NDR, Wireshark, Docker, Kubernetes, AWS, CI/CD
4w
Save
Mark Applied
Hide
Senior Microelectronics Engineer
Alexandria, Virginia, United States
OnsiteFull Time
Modern Technology Solutions, Inc.
Modern Technology Solutions, Inc.: Provides engineering, technology, and cybersecurity services for national security.
10+ YOE10+ years technical leadership in semiconductor R&D; experience in integrated circuit and embedded system design, micro-electronics analysis, system security, cryptography/key management, testing and evaluation; current TS/SCI clearance and MS in related field.
Field-programmable gate array (FPGA), ASIC verification, Microcode, Software Security
3mo
Save
Mark Applied
Hide
Sr Staff Engineer - AI Security
Seattle or Palo Alto or Dallas or Bethesda
$120k-$260k/yr HybridFull Time
GEICO
GEICO: Provides vehicle and property insurance services to consumers.
10+ YOE10+ years in security design and AI security for applications; cloud security, threat modeling; AWS/GCP/Azure; SCA/DAST/SAST tools; bachelor’s in CS or related; certifications desired.
AWS, GCP, Azure, SCA, DAST, SAST, Encryption, OpenID Connect, OAuth, SAML, RADIUS, LDAP, KERBEROS, OWASP, NIST, PCI-DSS, DevOps/SecDevOps
1w
Save
Mark Applied
Hide
Web Developer Security Engineer
Washington, District of Columbia, United States
HybridFull Time
CMT Services
CMT Services: Provides management and technology consulting to government entities.
3+ YOE3+ years in web application security/AppSec/SSDLC, hands-on secure development, DevSecOps automation, WAF and FIM management, log/SIEM analysis, OWASP Top 10 mitigation, scripting for automation, and compliance with NIST/FedRAMP.
GitHub Copilot, OpenAI API/Codex, Python, JavaScript/Node.js, Java, React.js, TypeScript, .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, SQL, Wireshark, SIEM, IDS/IPS, NDR, EDR, WAF, File Integrity Monitoring (FIM)
1w
Save
Mark Applied
Hide
Web Developer Security Engineer
Washington, District of Columbia, United States
OnsiteFull Time
MicroTech
MicroTech: Provides IT, network, and cybersecurity solutions for government agencies.
3+ YOE3+ years in web application security or AppSec, bachelor's degree, experience with secure SDLC/DevSecOps, web dev tech (.NET, C#, HTML5, JavaScript), scripting (Python, Node.js), WAF/FIM, SIEM/EDR, and federal compliance knowledge.
.NET, C#, WCF, HTML5, CSS3, JavaScript, REST APIs, SQL, Python, Node.js, TypeScript, Java, React.js, WAF, FIM, SIEM, IDS/IPS, EDR, NDR, Wireshark, AWS, Docker, Kubernetes
2mo
Save
Mark Applied
Hide
NLM Cloud Engineer III
Bethesda, Maryland, United States
$140k-$170k/yr OnsiteFull Time
Lexical Intelligence
Lexical Intelligence: Develops NLP software for biomedical research and portfolio analysis.
6+ YOE6+ years cloud engineering or DevOps experience; Masters or equivalent in CS/IT/Engineering; strong cloud platform experience (GCP, AWS, Azure); CI/CD tools; Kubernetes; IaC; FISMA/NIST; security tools; monitoring; US work authorization.
Google Cloud, Amazon Web Services, Microsoft Azure, Kubernetes, Ansible, Terraform, Puppet, CDK, Tenable, Prowler, Netsparker, Checkmarx, OWASP, EFK stack, Prometheus, Grafana, JIRA, ServiceNow, Confluence Wiki, GitLab, GitHub, Bitbucket, TeamSite, Nexus, OpenShift, Anthos, Hadoop, RDS, MySQL, MongoDB, MS SQL, PostgreSQL, Elasticsearch
3mo
Save
Mark Applied
Hide
Senior DevOps Engineer
Columbia, Maryland, United States
$106k-$137k/yr RemoteFull Time
eSimplicity
eSimplicity: Provides digital and data services to federal government agencies.
8+ YOEBachelor’s degree in Computer Science or Engineering, or 10+ years of relevant experience; 8+ years DevOps; strong AWS, IaC (Terraform/Terragrunt), GitHub Actions; DevSecOps focus; containerization (Docker); Python or Bash; U.S. citizenship or Green Card with ability to obtain Public Trust clearance.
GitHub Actions, Terraform, Terragrunt, Docker, Python, Bash, Django, Databricks, Redshift, Maven, Nessus, BurpSuite, OWASP, AWS
2mo
Save
Mark Applied
Hide
SR Cloud Engineer – Space Programs
Herndon or Aurora
$135k-$216k/yr OnsiteFull Time
Peraton
Peraton: National security and mission-critical government technology services provider.
10+ YOEBachelor’s with 10+ years; TS/SCI with poly; 4+ years cloud engineering; IAT Level II; cloud platforms (AWS/Azure/GCP); IaC and automation; Docker/Kubernetes/OpenShift; CI/CD experience
Docker, Kubernetes, OpenShift, Rancher, Ansible, Git/GitLab, Jenkins, AWS, Azure, GCP, CI/CD, PKI, Active Directory/FreeIPA, OWASP, STIG
3w
Save
Mark Applied
Hide
Senior DevOps Engineer (US REMOTE)
Waltham or Culver City or Richmond or West Valley City or Lexington or Little Rock or Allen or Phoenix or Mesa or Scottsdale or Beltsville or Birmingham or Chicago or Brentwood or Plantation or Schaumburg or Atlanta
$140k-$170k/yr RemoteFull Time
Motorola Solutions
Motorola SolutionsNYSE: MSI: Provides mission-critical communications and public safety technology.
8+ YOEU.S. citizen required. 8+ years cloud infrastructure experience, 5+ years software engineering, 2+ years Kubernetes/Docker. Experience with AWS, Terraform, Helm, MySQL, CI/CD, Git, Linux/Bash, and security/compliance frameworks; ability to obtain required security clearance.
Terraform, Helm, MySQL, Kubernetes, CI/CD, GitHub, BitBucket, Azure DevOps, Git, Linux, Bash, Docker, AWS, WireShark, TCPDump, SNGrep, nslookup, SIP/RTP, Artifactory, Sonar, Gradle, Prometheus/Grafana, ELK Stack, OWASP, NIST, CIS, Prisma Cloud/Twistlock, Mend/WhiteSource, Java
1mo
Save
Mark Applied
Hide
Software Engineer II - Front End/ Back End
Columbia, Maryland, United States
$100k-$110k/yr RemoteFull Time
Ad Hoc
Ad Hoc: Builds user-centered digital services and platforms for government agencies.
5+ YOEBachelor's degree and 5+ years software engineering experience; strong React, TypeScript, JavaScript, accessibility, REST API, testing, Git, and US citizenship with DHS Public Trust eligibility.
JavaScript, TypeScript, React, React Hooks, RESTful APIs, Git, USWDS, Redux, Context API, React Query, GraphQL, Vite, Webpack, Jest, React Testing Library, Cypress, Playwright, Docker, Kubernetes, AWS, Figma, Lighthouse, Core Web Vitals, OWASP
2mo
Save
Mark Applied
Hide
Cloud/DevOps Engineer
Chantilly, Virginia, United States
OnsiteFull Time
Northstrat
Northstrat: Provides IT and engineering solutions for US government agencies.
4+ YOEMust have 4+ years of relevant experience; TS/SCI with polygraph; Security+ CE/SSCP/CCNA-Security/GSEC; AWS CLI/Console experience; Terraform/Terragrunt; scripting; cloud certifications preferred.
AWS, Lambda, KMS, Terraform, Terragrunt, Docker, Kubernetes, OpenShift, Rancher, Velero, JSON, XML, OWASP, DevSecOps, Cloud Certification
2w
Save
Mark Applied
Hide
Senior Security Engineer
United States or Woodlawn
HybridFull Time
Tria Federal
Tria Federal: Provides digital transformation and technology services to federal agencies.
Requires CISSP, deep knowledge of NIST 800-53, FedRAMP and ATO processes, hands-on security tooling experience (Nessus, Burp, ZAP, Splunk), scripting (Python, Bash, PowerShell), and cloud security experience (AWS preferred).
Kali, Linux, Windows, Nessus, Burp Suite, ZAP, OWASP, Splunk, Salesforce, AppOmni, AWS, Python, Bash, PowerShell
1mo
Save
Mark Applied
Hide
Junior Software Developer
Springfield or Arlington
$40k-$80k/yr HybridFull Time
JRAD
JRAD: Provides technical research and defense support to federal agencies.
0+ YOEBachelor's in CS or related, 0-3 years software development experience, Java/Spring preferred, proficiency with OOP, data structures, REST/microservices, databases, containerization, Agile, and security standards; able to pass DHS suitability screening.
Java, C#, C++, ASP.Net, Python, JavaScript, Spring MVC, Spring Boot, SSO, Scala, Http4s, ETL, Node.js, React, Angular, Vue.js, PostgreSQL, MySQL, MongoDB, RESTful APIs, microservices, Docker, Kubernetes, Git, Github, JIRA, SAFe, AWS, Microsoft Azure, Google Cloud Platform, Jenkins, GitLab CI/CD, GitHub Actions, JUnit, PyTest, Jest, OWASP, Section 508, NIST
1mo
Save
Mark Applied
Hide
Jr Salesforce Developer
Herndon or United States
RemoteFull Time
BDR Solutions
BDR Solutions: Provider of IT, engineering, and consulting for federal agencies.
3+ YOEBachelor's in IT/Information Systems (or 5 years' experience), 3+ years' experience, Salesforce Admin & Developer certs required, proficient in Apex, Visualforce, LWC, SOQL/SOSL, JavaScript, MuleSoft, Copado, APIs, and Agile/SAFe; U.S. citizenship and clearance eligibility required.
Apex, Visualforce, Lightning, Lightning Web Components, SOQL, SOSL, JavaScript, SOAP, REST, MuleSoft, Copado, Salesforce, SharePoint, JAWS, Microsoft Azure, OWASP, GitHub, SSDT, MS SSRS
1mo
Save
Mark Applied
Hide
Lead Cybersecurity Engineer (TS/SCI)
Washington, District of Columbia, United States
OnsiteFull Time
Praescient Analytics
Praescient Analytics: Provides data analytics and intelligence for national security missions.
8+ YOEActive TS/SCI with CI polygraph eligibility, U.S. citizenship, 8+ years senior application security experience in DoD/IC, DoD 8570/8140 IAT Level III, expertise with NIST SP 800-53, DoD RMF, secure SDLC, CI/CD, and cloud/container security.
NIST SP 800-53, DoD RMF, ICD 503, Zero Trust, OWASP, SDLC, CI/CD, SonarQube, Fortify, Kubernetes, OpenShift, AWS, Azure, DevSecOps, AI/ML