1

Application Security Engineer Jobs in Virginia (NOW HIRING)

APPLICATION SECURITY ENGINEER

Fairfax, VA ยท On-site

$60 - $80.25/hr

Application Security Engineer Location: Onsite in Fairfax, VA 3 days and in Washington, DC 2 days per week. Duration: Long Term Contract Positions Require a Secret Clearance The Application Security ...

Application Security Engineer

Herndon, VA ยท Remote

$60.50 - $80.75/hr

Application Security Engineer Company: VivSoft Work Type: Remote Employment: Full Time Location: US Seniority: Mid Level Technologies: GitHub Actions, SAST, DAST, SCA, OWASP Requirements: Experience ...

Senior Security Engineer, Application Position location: Richmond, Va., Lynchburg, Va. This position is available to Virginia residents as Richmond or Lynchburg, Virginia in-office applicants *A ...

Application Security Engineer

Herndon, VA ยท Hybrid

$60.25 - $80.75/hr

Minimum of 5 years experience working "hands-on" in application security engineering * Hands-on experience with Fortify, Veracode, Tenable, Black Duck, or similar platforms * Hands-on experience with ...

Application Security Engineer

Ashburn, VA ยท On-site

$107K - $195K/yr

Primary Responsibilities Leidos is looking for an Application Security Engineer to support: Application Security Operations and Maintenance, Application Security Configuration Management and ...

Security Engineer (Web Application)

Arlington, VA ยท On-site

$67.50 - $90.25/hr

Security Engineer (Web Application) Location: Arlington, VA Security Clearance: Secret Duties and Responsibilities The Security Engineer (Web Application) supports this Transportation Security ...

next page

Showing results 1-20

Application Security Engineer information

See Virginia salary details

$29

$65

$95

How much do application security engineer jobs pay per hour?

As of Jul 13, 2026, the average hourly pay for application security engineer in Virginia is $65.83, according to ZipRecruiter salary data. Most workers in this role earn between $56.01 and $74.86 per hour, depending on experience, location, and employer.

What Does an Application Security Engineer Do?

An application security engineer is responsible for ensuring the secure function of software application programs. For this career, you must have advanced training in cybersecurity and familiarity with multiple computer programming languages. Your main job duty is to evaluate lines of programming code to make sure a given application is safe from cyber-attack. You perform penetration testing to see if outside sources can "hack" into the application. You also do threat modeling and security code reviews of programming done by other application programmers.

What are some common challenges faced by Application Security Engineers when integrating security into the software development lifecycle?

Application Security Engineers often encounter challenges such as balancing security requirements with development speed, ensuring all team members understand secure coding practices, and keeping up with evolving threats. They frequently work closely with developers, DevOps, and QA teams to embed security controls without disrupting workflows. Overcoming these challenges requires strong communication skills, a deep understanding of both security and software development, and the ability to advocate for security as a shared responsibility across the organization.

What does an Application Security Engineer do?

An Application Security Engineer is responsible for identifying and mitigating security vulnerabilities in software applications throughout their development lifecycle. They work closely with developers to ensure secure coding practices, conduct security assessments and code reviews, and implement tools for threat detection and prevention. Their primary goal is to protect applications from threats such as data breaches, unauthorized access, and other forms of cyber attacks. They also stay updated on the latest security trends and compliance requirements to keep applications safe.

What are the key skills and qualifications needed to thrive as an Application Security Engineer, and why are they important?

To thrive as an Application Security Engineer, you need a solid background in software development, cybersecurity fundamentals, and vulnerability assessment, often supported by a degree in computer science or a related field. Familiarity with tools such as static and dynamic application security testing (SAST/DAST), penetration testing frameworks, and relevant certifications like CISSP or CEH is common. Attention to detail, problem-solving abilities, and strong communication skills help you effectively identify risks and collaborate with development teams. These skills are crucial for safeguarding applications against evolving threats and ensuring secure software delivery.

What is the difference between Application Security Engineer vs Security Analyst?

AspectApplication Security EngineerSecurity Analyst
CertificationsCEH, CISSP, OSCPCISSP, Security+
Work EnvironmentDevelops security measures, reviews code, tests applicationsMonitors security systems, investigates incidents, analyzes threats
Industry UsageTech companies, software firms, organizations with strong app focusBroad sectors including finance, healthcare, government

Application Security Engineers focus on securing software applications through code review, vulnerability testing, and implementing security measures. Security Analysts monitor and analyze security threats, respond to incidents, and maintain security systems. While both roles require security certifications and work in security-focused environments, Application Security Engineers are more involved in the development and testing of secure applications, whereas Security Analysts focus on threat detection and incident response.

What are the most commonly searched types of Application Security Engineer jobs in Virginia? The most popular types of Application Security Engineer jobs in Virginia are:
What are popular job titles related to Application Security Engineer jobs in Virginia? For Application Security Engineer jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Application Security Engineer jobs in Virginia look for? The top searched job categories for Application Security Engineer jobs in Virginia are:
What cities in Virginia are hiring for Application Security Engineer jobs? Cities in Virginia with the most Application Security Engineer job openings:
What are popular job titles related to Application Security Engineer jobs in VA? For Application Security Engineer jobs in VA, the most frequently searched job titles are:

APPLICATION SECURITY ENGINEER

Hirekeyz Inc

Fairfax, VA โ€ข On-site

$60 - $80.25/hr

Contractor

Posted 19 days ago


Job description

Role: Application Security Engineerย 

Location: Onsite in Fairfax, VA 3 days and in Washington, DC 2 days per week.

Duration: Long Term Contract

Positions Require a Secret Clearance

Job Description:

The Application Security Engineer position supports secure application development and cybersecurity operations for Federal DoD programs. The role requires a deep expertise in application security, software development, federal cybersecurity standards, and secure architecture. Will be responsible for senior-level leadership in information security, secure SDLC integration, and compliance with federal security frameworks such as NIST 800โ€‘53, NIST 800โ€‘37 RMF, FedRAMP, and agency-specific security baselines.
ย 
ย 
Primary Responsibilities:ย 
  • Serve as the primary application security SME for the project, ensuring compliance with NIST, FISMA, FedRAMP, DHS, DoD, and agency-specific security requirements.
  • Guide system teams through Risk Management Framework (RMF) steps related to application security, including control implementation, evidence gathering, and POA&M mitigation.
  • Lead security architecture reviews for mission-critical systems, ensuring secure-by-design principles across federal systems and networks.
  • Integrate security into the federal SDLC by defining secure coding standards, conducting code reviews, and providing architectural input.
  • Conduct and lead advanced security testing.
  • Provide CISSP-level expertise on risk evaluation, compensating controls, and secure architecture guidance.
  • Guide enterprise risk posture by advising leadership on vulnerabilities, mitigations, and long-term remediation planning.
  • Ensure secure configurations of cloud resources within AWS GovCloud FedRAMP environments.
  • All other duties as assigned by management.
ย 
Skills and Qualifications:
  • Bachelorโ€™s degree in computer science or related field
  • 10 years in application development and IT security
  • Experience performing risk assessments for Federal systems in AWS GovCloud
  • Experience supporting FedRAMP High/Moderate systems
  • Knowledge in Java, Python, HTML, SQL, CSS and cloud computing
  • Excellent communication and management skills.
ย 
Certifications Required:
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Information Systems Security Professional (CISSP)
  • CompTIA Security +