38 appsec engineer jobs at 28 companies in Frederick, MD
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Web Application Security Engineer (AppSec / DevSecOps)
Washington, District of Columbia, United States
HybridFull Time
Essnova Solutions: Provides professional and technical services to government entities.
Experience in application security, secure SDLC, vulnerability assessment, WAF, CI/CD/DevSecOps integration, and familiarity with federal frameworks (NIST, FedRAMP); Public Trust clearance or ability to obtain.
SAST, DAST, Software Composition Analysis (SCA), Web Application Firewall (WAF), CI/CD, DevSecOps, AWS, Microsoft Azure, OWASP Top 10, NIST, FedRAMP
AmazonNASDAQ: AMZN: Global online retail and cloud computing technology provider.
4+ YOE4+ years troubleshooting systems and security issues, experience identifying vulnerabilities and remediation, mentoring or tech lead experience; threat modeling and service/microservices security preferred.
MicroTech: Provider of IT integration, cloud, and managed services.
3+ YOEBachelor's degree, 3+ years in web application or application security engineering, experience with AppSec tooling, DevSecOps, WAF/FIM, vulnerability management, and federal compliance (NIST/FISMA/FedRAMP).
Modern Technology Solutions, Inc.: Provides engineering, technology, and cybersecurity services for national security.
10+ YOE10+ years technical leadership in semiconductor R&D; experience in integrated circuit and embedded system design, micro-electronics analysis, system security, cryptography/key management, testing and evaluation; current TS/SCI clearance and MS in related field.
GEICO: Provides vehicle and property insurance services to consumers.
10+ YOE10+ years in security design and AI security for applications; cloud security, threat modeling; AWS/GCP/Azure; SCA/DAST/SAST tools; bachelor’s in CS or related; certifications desired.
CMT Services: Provides management and technology consulting to government entities.
3+ YOE3+ years in web application security/AppSec/SSDLC, hands-on secure development, DevSecOps automation, WAF and FIM management, log/SIEM analysis, OWASP Top 10 mitigation, scripting for automation, and compliance with NIST/FedRAMP.
MicroTech: Provides IT, network, and cybersecurity solutions for government agencies.
3+ YOE3+ years in web application security or AppSec, bachelor's degree, experience with secure SDLC/DevSecOps, web dev tech (.NET, C#, HTML5, JavaScript), scripting (Python, Node.js), WAF/FIM, SIEM/EDR, and federal compliance knowledge.
eSimplicity: Provides digital and data services to federal government agencies.
8+ YOEBachelor’s degree in Computer Science or Engineering, or 10+ years of relevant experience; 8+ years DevOps; strong AWS, IaC (Terraform/Terragrunt), GitHub Actions; DevSecOps focus; containerization (Docker); Python or Bash; U.S. citizenship or Green Card with ability to obtain Public Trust clearance.
Waltham or Culver City or Richmond or West Valley City or Lexington or Little Rock or Allen or Phoenix or Mesa or Scottsdale or Beltsville or Birmingham or Chicago or Brentwood or Plantation or Schaumburg or Atlanta
$140k-$170k/yrRemoteFull Time
Motorola SolutionsNYSE: MSI: Provides mission-critical communications and public safety technology.
8+ YOEU.S. citizen required. 8+ years cloud infrastructure experience, 5+ years software engineering, 2+ years Kubernetes/Docker. Experience with AWS, Terraform, Helm, MySQL, CI/CD, Git, Linux/Bash, and security/compliance frameworks; ability to obtain required security clearance.
Ad Hoc: Builds user-centered digital services and platforms for government agencies.
5+ YOEBachelor's degree and 5+ years software engineering experience; strong React, TypeScript, JavaScript, accessibility, REST API, testing, Git, and US citizenship with DHS Public Trust eligibility.
JRAD: Provides technical research and defense support to federal agencies.
0+ YOEBachelor's in CS or related, 0-3 years software development experience, Java/Spring preferred, proficiency with OOP, data structures, REST/microservices, databases, containerization, Agile, and security standards; able to pass DHS suitability screening.
Java, C#, C++, ASP.Net, Python, JavaScript, Spring MVC, Spring Boot, SSO, Scala, Http4s, ETL, Node.js, React, Angular, Vue.js, PostgreSQL, MySQL, MongoDB, RESTful APIs, microservices, Docker, Kubernetes, Git, Github, JIRA, SAFe, AWS, Microsoft Azure, Google Cloud Platform, Jenkins, GitLab CI/CD, GitHub Actions, JUnit, PyTest, Jest, OWASP, Section 508, NIST
Praescient Analytics: Provides data analytics and intelligence for national security missions.
8+ YOEActive TS/SCI with CI polygraph eligibility, U.S. citizenship, 8+ years senior application security experience in DoD/IC, DoD 8570/8140 IAT Level III, expertise with NIST SP 800-53, DoD RMF, secure SDLC, CI/CD, and cloud/container security.
NIST SP 800-53, DoD RMF, ICD 503, Zero Trust, OWASP, SDLC, CI/CD, SonarQube, Fortify, Kubernetes, OpenShift, AWS, Azure, DevSecOps, AI/ML