Application Security Engineer - ConsultNet - McLean, VA
ConsultNet
Title: Senior Application Security Engineer
Location : McLean, VA
Target Start Date : ASAP
Type: contract
Pay Rate: DOE
The Senior Application Security Engineer is responsible for planning, coordinating, and implementing application security practices across all phases of the software development lifecycle (SDLC). This role focuses on identifying and remediating security vulnerabilities through testing, tool evaluation, secure code reviews, and close collaboration with engineering teams. The engineer will also help advance DevSecOps initiatives and leverage modern technologies, including GenAI, to scale and automate application security capabilities.
Key Responsibilities
Conduct application security assessments, including manual penetration testing using tools such as Burp Suite and proxy-based testing tools
Analyze and triage findings from SAST, DAST, and IAST tools, prioritizing and supporting remediation of security vulnerabilities
Integrate security controls into CI/CD pipelines to support DevSecOps practices
Perform secure code reviews and support remediation efforts with development teams
Evaluate, implement, and optimize application security tools, including SAST, DAST, IaC, and secrets detection solutions
Leverage GenAI technologies to automate code analysis and scale application security reviews
Conduct AWS configuration and security reviews
Maintain clear documentation of security findings, remediation plans, policies, and compliance requirements
Develop and interpret application security policies, standards, and procedures
Support security compliance initiatives and audits
Develop and deliver security training and awareness programs for developers and assurance teams
Stay current with emerging application security threats, vulnerabilities, and mitigation strategies
Qualifications
Bachelor's degree in Computer Science, Engineering, or a related technical field
5 years of experience in cybersecurity and application secu