Application Security Engineer

At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.
phia is seeking an Application Security Engineer to collaborate with a Federal client and thier key stakeholders in maintaining a robust security posture. This remote position offers the flexibility to work from home anywhere within the United States. U.S. citizenship is required with the ability to obtain public trust status. As a member of the Application Security Team, you will tackle complex security challenges, and develop innovative solutions, while having a meaningful impact on national security. If you are passionate about problem-solving, driven by innovation, and eager to contribute to the nation's cybersecurity efforts, we invite you to explore this opportunity.

What You'll Do

• Remediate application security flaws in conjunction with the application security team.
• Lead security discussions with the application teams to prescribe security best practices within their development lifecycle.
• Perform dynamic and static application performance testing, perform security requirements creation or generation level threat modeling leveraging tools, including SD elements, and perform application level testing using applications such as Burp Suite. Work with the latest OWASP frameworks.

Required: Education + Experience

• Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field. Additional years of experience may be substituted for a degree.
• 3+ years of experience with Java, Python, .NET, or C#
• 3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, network, or infrastructure services
• Experience with Eclipse, Visual Studio, or JDeveloper, including pipeline development
• Experience with setting up SAML authentication
• Ability to write Amazon CloudFormation Templates (CFT)
• Ability to manage MySQL databases
• Ability to troubleshoot Linux Nftables and IPTables at the command line

Desired Certifications (one or more)

• Secuirity+
• AWS Certified Solutions Architect or Developer Certification (AWS)
• Cisco Certified Network Associate (CCNA)
• Microsoft Certified Solutions Expert (MCSE)
• Red Hat Certified System Administrator (RHCSA)
• EC-Council Certified Security Specialist (ECSS)

Bonus points if you have:

• Experience with one or more of the following technologies: Networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Redhat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen Mobile
• Experience with designing, building, and implementing automation tools, including Ansible, Chef, or Puppet
• Experience with Infrastructure as Code tools, including Cloud Formations or Terraform
• Experience with container platforms, including OpenShift
• Experience with chaos engineering and blue or green deployments
• Experience with Serverless, including Lambda, API Gateway, Step Functions, and SAM
• Experience with application performance analysis and monitoring, including ELK
• Experience with an Agile release methodology
• Experience with securing cloud-based systems
• Knowledge of NIST 800 Series Instruction/CNSS Directives/Information Assurance regulations
• Knowledge of SDN/SDP and hybrid architectures
• Ability to describe the differences between, and develop, various TIC 3.0 documentation
• Ability to communicate complex and technical concepts clearly
• Ability to compellingly justify security architecture decisions and direction to align others to a common vision

Security Clearance

• U.S. Citizenship required
• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Public Trust determination is required

#LI-LC1
Who You Are A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.Intellectually curious with a genuine desire to learn and advance your career.An effective communicator, both verbally and in writing.Customer service-oriented and mission-focused.Critical thinker with excellent problem-solving skills If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.
Who We Arephia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.phia values work-life balance and offers the following benefits to full-time employees: Comprehensive medical insurance to include dental and visionShort Term & Long-Term Disability 401k Retirement Savings Plan with Company MatchTuition and Professional Development Assistance Flex Spending Accounts (FSA)
phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.