Application Security Engineer

Washington, D.C.

Bixal

A mission-driven organization determined to improve people’s lives through human-centered strategies and transformative technologies. We deliver on this promise by partnering with leading federal agencies to conceive and create powerful...

View all jobs at Bixal

Apply now Apply later

Important Notice for Applicants:
At Bixal, we want to ensure a transparent and secure application process for all candidates. Official communication will come from an email address ending in @bixal.com or from talent@bixal.com. Messages from other sources may be fraudulent, and you should exercise care to avoid any links or attachments included. If you experience any challenges with your submission, please contact us at talent@bixal.com.  We're here to help!
Bixal will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. If you require any accommodation as part of our recruitment process, please contact us at Talent@bixal.com. You can expect a response from a team member within 24 hours during the regular work week and on the next operating day during the weekend or holidays.
About Us:Bixal is a consulting company based in Fairfax, VA, working alongside governments and organizations to help them deliver better services and experiences to the communities they serve. Using evidence-based knowledge and technology, Bixal empowers clients to deliver on their missions more effectively by fostering a culture of learning and continuous improvement.
LocationThis role can work remotely from anywhere in the USA. You must be legally authorized to work in the US. Bixal does not provide visa sponsorship.   
What will you do?Bixal, a fast-growing agency providing holistic Digital Transformation to clients based in Fairfax VA, is seeking an Application Security Engineer to join our dynamic team. You will provide support to Application Development and Design teams to maintain ongoing production needs as well as create new offerings on federal public facing websites and internal/external digital products. This is a full-time position contingent on contract award by our client, with a defined performance period of up to three years. This role offers you a unique opportunity to make a meaningful impact on a project that aligns with Bixal’s mission of delivering innovative, human-centered solutions. While the role has a fixed duration, we are committed to transparency and collaboration, keeping you informed about contract updates and new opportunities. At Bixal, we support your professional journey, ensuring your experience reflects our inclusive, purpose-driven culture and prepares you for future success.

Responsibilities

  • Provide application security expertise, continuous integration, software delivery, software quality, and systems documentation support to digital assets, including the client’s public facing web site, as well as internal software tools
  • Work with the Application Development Team to discuss and implement security remediations for web products
  • Work closely with Cyber Security and Systems Engineering teams to support compliance, secure baseline development, CVE remediation, and the use of best practices in an AWS FISMA moderate environment
  • Provide support to the Application Development Team in configuring and operating continuous integration and delivery (CI/CD) pipelines, incorporating security into build process using tools such as PrismaCloud, and identifying and resolving issues in the build-deploy operation lifecycle
  • Use and apply the findings of robust application security monitoring tools, including assisting in the securing and maintenance of the client’s website and internal software tools
  • Assist in building a strong technical foundation in build, release, and production using continuous integration tools such as Jenkins
  • Engage with various client personnel to understand requirements in order to develop better software for the client and identify new ways in which the development team can easily solve client issues
  • Assist the  Application Development team with security focus through participation in daily standup meetings, monitoring, development, and creating issues in the ticket system
  • Provide training on a variety of security methodologies, best-practices, and tools along with insight into new technologies and solutions that could help the Application Team and the client at large; and
  • Assist in the development of Use Cases, Requirements Definition Documents, User and Administration Manuals, Detailed Design Specifications, and Training Manuals and Plans
  • Perform other duties as required

Qualifications

  • Bachelor's Degree, at least 4 years of relevant experience.
  • Configure, operate, maintain, and monitor various application security tools and services.
  • Experience working with vulnerability scanning tools to identify and resolve security vulnerabilities.
  • Expertise in integrating security testing in automated continuous delivery pipelines (Jenkins/Travis/Ansible).
  • Experience working with a modern web development stack and toolchain.
  • Experience working with open source and community solutions.
  • Experience in FedRamp IaaS/SaaS.
  • Experience with monitoring software dependencies and automating the creation of an SBOM (software bill of materials).
  • Collaborate, champion, and mentor software development teams and other stakeholders on secure software development, delivery, and operations.
Perks & Benefits:Competitive base salaryFlex hoursWork from home flexibility401K with matching incentiveParental LeaveMedical/dental/vision benefitsFlex Spending AccountCompany provided short-term disabilityCompany provided life insuranceCommuter benefitsGenerous PTO11 Paid holidaysProfessional development opportunitiesNew business referral bonus
Please note that candidates selected may undergo a background investigation and, if applicable, meet eligibility requirements for suitability.
Bixal is an equal opportunity and affirmative action employer. It ensures equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, veteran status, or any other characteristic protected by law. We are dedicated to promoting diversity, equity, and inclusion within our organization and beyond.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0

Tags: Ansible Application security AWS CI/CD Compliance FedRAMP FISMA IaaS Jenkins Monitoring Open Source SaaS SBOM Vulnerabilities

Perks/benefits: Career development Competitive pay Equity / stock options Health care Salary bonus Startup environment Transparency

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.