Senior Application Security Engineer
6924 FBI Clarksburg WV, United States
Full Time Senior-level / Expert Clearance required USD 104K - 189K
As the largest provider of IT services, Leidos develops and sustains large data and technology infrastructures and integrates complex law enforcement IT systems for several US federal agencies. At Leidos we offer engaging careers, a collaborative culture, and support for your career goals and growth. This role would be serving a federal law enforcement agency in Clarksburg, WV with remote work possible.
As a Senior Application Developer, you will be a key contributor in the design, development, and deployment of critical applications for a Government client. You will leverage your deep understanding of software development principles and your expertise in modern technologies, including specific CSP services, containerization and orchestration, serverless architectures, microservices architecture, API design and development, and Infrastructure as Code (IaC). The Application Developer Senior – Level 3 will provide support for tasks involving these skillsets for a Government client. You will be responsible for coordinating with Government security policies and working with various teams on assigned tasks. Prior work experience with the Federal Government is preferred, along with the preferred skills suggested below. You will play a vital role in building scalable, reliable, and secure applications in a cloud environment.
Primary Responsibilities:
Design and implement secure application architectures across various enterprise environments and cross-platform technologies.
Integrate security into CI/CD pipelines, automating security testing and code analysis processes.
Conduct security architecture reviews of existing and new applications, identifying potential vulnerabilities and weaknesses.
Provide security guidance and best practices to development teams throughout the Software Development Life Cycle (SDLC).
Perform threat modeling to identify potential attack vectors and prioritize security efforts.
Define security requirements for applications and APIs, ensuring compliance with NIST, OWASP, and other relevant security standards.
Review code (in languages like Python, Perl, Java) for security vulnerabilities and provide remediation guidance.
Configure and utilize application security testing tools (SAST, DAST, etc.) to automate vulnerability detection.
Collaborate with infrastructure and operations teams to ensure secure deployment and configuration of applications.
Develop and maintain secure coding guidelines and best practices for developers.
Evaluate and recommend new security technologies and tools to enhance application security.
Stay up-to-date with the latest application security threats, vulnerabilities, and mitigation techniques.
Mentor and train developers on secure coding practices and application security principles.
Document security architectures, designs, and standards.
Participate in security incident response and provide guidance on application-related security issues.
Basic Qualifications:
Bachelor’s Degree in Software Engineering, Computer Science, Information Systems Management, Cyber Security or other related discipline, or equivalent experience; additional years of experience may be considered in lieu of a degree
8+ years of prior relevant experience
Knowledge of secure DevOps techniques and securely implementing DevOps managed environments
Experience in information system compliance with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA and SANS Institute
Demonstrated knowledge of networking and virtualization technology, such as OpenStack, RHEV, etc.
Previous System Administration, Developer, and Web services experience in an Enterprise Environment utilizing cross platform technologies
Certified Web Application Penetration Tester (CWAPT) or Certified Application Security Specialist (CASS) required
CompTIA Sec+ certification required
Documented experience in Python, Perl, and Java
Ability to research and learn both independently and as part of a team
Must have reliable internet access
Must be a US Citizen to apply
DOD Top Secret Clearance is required
Preferred Qualifications:
Master’s Degree preferred
6+ years of prior relevant experience with a Master’s degree
Familiarity with the Agency's Agile ATO process
Documented experience is preferred in as many of the following programming languages, web services, and applicable software stacks as possible: REST, PowerShell, SOAP, Apache Struts, Websockets, Java Message Queue, RPC over HTTP, WIA (Windows, IIS, ASP.NET), C, C++, C#, Node.js, JavaScript, Pega, Groovy, LAMP (Linux, Apache, MySQL, PHP), AMP (Apache, MySQL, PHP), JOLT (Java, Oracle, Linux, Tomcat), and LAMJ (Linux, Apache, MySQL, JSP Servlets).
Original Posting:
May 20, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $104,650.00 - $189,175.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Tags: Agile APIs Application security ASP.NET C CI/CD Clearance Cloud Code analysis Compliance CompTIA Computer Science DAST DevOps DISA DoD Incident response Java JavaScript Linux Microservices MySQL NIST Node.js OpenStack Oracle OWASP Perl PHP PowerShell Python SANS SAST SDLC Tomcat Top Secret Top Secret Clearance Vulnerabilities Windows
Perks/benefits: Career development Equity / stock options