Application Security Engineer - Veracode

The Squires Group, Inc. is hiring for an Application Security Engineer to enhance our clients application security team. In this role, you will collaborate with the client and application team to ensure a strong and resilient security posture for high-profile applications.

Per our client contract, candidates must be clearable to the Secret level. If you currently have an Active Secret Clearance, you're a step ahead. This is a REMOTE opportunity, but you MUST BE A US CITIZEN, ELIGIBLE FOR A SECRET CLEARANCE.

Responsibilities

Perform application security testing using Veracode, Burp Suite, and related tools (SAST, DAST, IAST).

Collaborate with development teams to remediate vulnerabilities and integrate secure coding practices.

Implement and maintain security controls across applications and systems in line with federal compliance standards (e.g., NIST, FIPS, FedRAMP).

Support security tool integration within CI/CD pipelines and development environments (e.g., Eclipse, Visual Studio).

Troubleshoot basic connectivity and tool issues in Linux/UNIX environments and automate tasks using scripting (e.g., Bash).

Qualifications

Required Experience/Skills:

6 + years of information technology experience.

3+ years of experience with supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode

3+ years of experience with Java, Python, .NET, or C#

3+ years of experience with Burp Suite

3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, network, or infrastructure services.

Experience with Eclipse, JDeveloper, including pipeline development, or Visual Studio.

Experience with securing enterprise web applications and OWASP Top 10, CVSS, CWE, WASC, and SANS-25.

Knowledge of Linux or UNIX environments, including navigating and troubleshooting basic website connectivity issues

Understanding of federal compliance standards, such as NIST 800-53, FIPS, or FedRAMP.

Ability to obtain a security clearance at the Secret level.

HS diploma or GED.

Additional Requirements:

Experience with Interactive Application Security Testing (IAST) capabilities and tools.

Experience with Selenium.

Experience in writing bash scripts.

Experience with OWASP ZAP or Burp Proxy

Compensation and Benefits

Salary around $110K based on experience, qualifications, location, and certifications. The salary pay range is subject to change and may be modified at any time.

Benefits package includes PTO, health, vision, and dental coverage, pet insurance, FSA, EAP, and more!

Check out our Referral Program!

The Squires Group will pay you for every qualified professional that you refer and we place. If you see a position posted by The Squires Group and know the perfect person for the job, please send us your referral. For more information, go to

#LI-Remote

#LI-EK1