Application Security Engineer
Silver Spring, MD, US | Asheville, NC, US | Boulder, CO, US | Stennis Space Center, MS, US
Full Time | Mid-level / Intermediate | Clearance required | USD 115K - 125K
AttainX
Job Title: Application Security Engineer
Location: Hybrid/onsite. Must reside within a commutable distance of Asheville, NC, Silver Spring, MD, Stennis Space Center, MS, or Boulder, CO to work onsite as required.
Clearance: Must have an active NOAA Public Trust clearance or active Secret security clearance.
Citizenship: US Citizenship Required
Position Type: Full Time/Exempt
Salary Range: $115,000.00 minimum to $125,000.00 maximum, based on US market data. You will receive a competitive total rewards package that is applicable to the U.S. only. The salary range may vary based on experience, skillset, and geographical location.
AttainX, Inc. is seeking a detail-oriented and highly skilled Application Security Analyst to join our federal cybersecurity team. The ideal candidate will have hands-on experience integrating security tools in CI/CD pipelines and identifying vulnerabilities in web applications through both manual testing and automated analysis tools.
Qualifications and Education Requirements:
Basic Minimum Qualifications:
- 5+ years of experience in application security or a related field.
- Identify, analyze, and mitigate application security vulnerabilities using tools like Checkmarx, Invicti, Black Duck, etc.
- Collaborate with development teams to integrate secure coding practices and prioritize vulnerability remediation throughout the SDLC.
- Maintain container images supporting different automated CI/CD security scanning phases.
- Hands-on experience with static and dynamic application security testing (SAST/DAST).
- Familiarity with tools such as Invicti, Checkmarx, Black Duck, and similar platforms.
- Strong understanding of secure coding practices and application vulnerabilities (e.g., OWASP Top 10).
- Experience with CI/CD tools and pipelines, integrating security throughout the software development lifecycle (SDLC).
- Ability to interpret and explain security findings to developers and provide remediation guidance.
- Excellent communication skills and strong documentation ability.
- Possess at least ONE (1) of the following professional certifications:
  - CompTIA Security+
  - Electronic Commerce Council Certified Ethical Hacker (CEH)
  - Certified Information Systems Security Professional (CISSP)
Preferred Qualifications:
- Experience working in Agile development environments with DevSecOps practices.
- Experience supporting application security for federal agencies.
Education / Experience:
5+ years of relevant experience in application security, software development, or DevSecOps.
Skills:
Application Security, Static & Dynamic Analysis, CI/CD Integration, OWASP Top 10
Security Tooling: Invicti, Checkmarx, Black Duck, GitLab CI/CD
Duties:
We are searching for an Application Security Analyst to support secure development and implementation of applications. Duties include:
- Conduct security reviews and static code analysis to identify application vulnerabilities.
- Integrate SAST, DAST, and SCA tools into CI/CD pipelines.
- Collaborate with developers to remediate vulnerabilities and promote secure coding practices.
- Generate and present risk-based security reports to engineering and management teams.
- Maintain security tooling configurations and ensure up-to-date signatures and policies.
Non-Essential Functions:
- General Duty Requirements
About Us:
AttainX Inc. is SBA Certified 8(a), Women Owned Small Business (WOSB), Economically Disadvantaged WOSB (EDWOSB), CMMI Level 3, ISO 9001:2015 certified QMS and Silver Level SAFe Partner. For more than 12 years, AttainX, Inc. has delivered emergent technologies, software products, and high-quality services that meet the needs of our Federal Government customers.
The last 4 years have shown significant company growth as we have increased our contracts portfolio and hold the “Best in Class” contract vehicles, GSA MAS and OASIS Small Business and 8(a) Pools 1, 2 and 3. In addition, we are prime on several agency-specific IDIQs and BPAs with the National Oceanic and Atmospheric Administration, Department of Energy, Navy, Health and Human Services and the Defense Intelligence Agency.
AttainX is dedicated to quality and best practices for the services we provide. We understand our people are the key ingredient to ensuring our customers' mission and goals are met with excellence.
Benefits:
We are proud to offer competitive compensation and benefits packages to include paid vacation, medical, dental, vision, matching 401K plan, tuition/training reimbursement, and Long & Short-Term Disability.
EEO Commitment:
AttainX Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other status protected by applicable federal, state, or local law.
We are committed to providing equal employment opportunities for individuals with disabilities and protected veterans in compliance with Section 503 of the Rehabilitation Act of 1973 and the Vietnam Era Veterans’ Readjustment Assistance Act (VEVRAA).
Accommodations:
If you are an individual with a disability and would like to request a reasonable workplace accommodation, please send an email to HR@AttainX.com. Indicate the specifics of the assistance needed.
Physical Demands:
Sitting and working on a computer for long, continuous periods each day; effective communications by telephone, email, and face-to-face; standing, walking, and sitting; handling and feeling objects or controls; reaching; talking and hearing; lifting and/or moving up to 10 pounds; and specific vision abilities including close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust and focus.
Work Environment: The noise level in the work environment is usually moderate.