Application Security Engineer
Dunhill Professional Search
Salary Context
This role offers $86k–$125k. The median for Mid-level security roles is $90k–$125k (based on 136 listings). Near median.
Job Description
The Application Security Engineer will perform the following:
- Defines, maintains, and enforces application security best practices
- Conduct vulnerability assessment and manual/automated code reviews
- Demonstrate vulnerabilities to application owners and provide mitigation recommendations
- Proficient in any SAST, DAST, and OSA tools.
- In-depth knowledge of any programming language such as Java, .NET, C#, etc.
- Performs and conducts penetration tests and manual/automated code reviews.
- Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
- In-depth knowledge of secure coding best practices and OWASP Top 10, SANS 25, CVE, etc.
- Identify AppSec related tools/conduct tool analysis, and provide recommendations
- Vulnerability Management Specialist will have at least five years of working knowledge and hands-on experience with five or more of the following tools: BurpSuite, SonarQube, OWASP/Maven, Fortify, Tenable, STIG Viewer, AWS Security Hub, AWS Inspector, ePO, ServiceNow, Jira, ADO, eMASS or equivalent GRC Tools.
Minimum Qualifications
- Bachelor’s Degree in Computer Science, Engineering, or other Engineering or Technical discipline and a minimum of 5 years of working knowledge and hands-on equivalent relevant experience.
- Candidates must have a Security+ certification or similar
- Candidates must have an active secret security clearance.
- Position requires on-site work in Alexandria, VA 2-3 days/week.
Other Job Specific Skills
- Working knowledge and hands-on experience with the following:
  - BurpSuite
  - SonarQube
  - OWASP/Maven
  - Fortify, Tenable
  - STIG Viewer
  - AWS Security Hub
  - AWS Inspector
  - ePO, ServiceNow
  - Jira
  - ADO
  - eMASS or equivalent GRC Tools
Salary Details
This salary was provided in the Job Posting.
$86,200-$125,000 (Yearly Salary)
Job Snapshot
- Employee Type: Full-Time
- Location: Alexandria, VA (Onsite)
- Job Type: Government
- Experience: Not Specified
- Date Posted: 03/05/2026
- Job ID: TN_JQM1CP76LJBG14HS5DY