2

Remote Application Security Engineer Jobs in Washington

This position is based in Washington, DC and may require a combination of on-site and remote ... Identify, analyze, and remediate web application vulnerabilities, insecure dependencies ...

Perform Static Application Security Testing (SAST) toidentifypotential vulnerabilities in the ... Work with DevOps teams to securely harden Linux based machines and cloudinfrastructure Basic ...

Hybrid 3 days onsite / 2 days remote in either Tysons Corner, VA or Rockville, MD Our client seeks a senior application security engineer to plan, coordinate, and implement application security ...

Senior AI Security Engineer

Washington, DC ยท On-site +1

$129K - $177K/yr

Bachelor's degree in Computer Science, cybersecurity, or a related technical field required * 5+ years of experience in application security, cloud security, or AI/ML engineering, with at least 2 ...

Senior DevSecOps Engineer

Arlington, VA ยท On-site +1

$131K - $180K/yr

This role is primarily remote with potential for occasional meetings at FDIC HQ in Arlington, VA as ... Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software ...

Senior DevSecOps Engineer

Washington, DC ยท Remote

$129K - $177K/yr

This role is primarily remote with potential for occasional meetings at FDIC HQ in Arlington, VA as ... Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software ...

next page

Showing results 1-20

Remote Application Security Engineer information

What are the key skills and qualifications needed to thrive as a Remote Application Security Engineer, and why are they important?

To thrive as a Remote Application Security Engineer, you need a strong background in secure software development, vulnerability assessment, and a solid understanding of security frameworks, often supported by a degree in computer science and certifications like CISSP or OSCP. Familiarity with tools such as Burp Suite, OWASP ZAP, static and dynamic analysis tools, and secure code review systems is typically required. Excellent problem-solving, communication, and self-motivation are essential soft skills for collaborating remotely and articulating security risks to diverse stakeholders. These skills ensure robust application security, effective risk mitigation, and seamless cooperation in distributed work environments.

Can you make $500,000 a year in cyber security?

Remote Application Security Engineers with extensive experience, advanced certifications, and specialized skills in areas like penetration testing or secure software development can potentially earn $500,000 annually, especially in senior or leadership roles. Achieving this level often requires a combination of high-level expertise, strategic responsibilities, and working in high-demand or high-paying industries. Most cybersecurity professionals earn less, but top-tier roles and consulting positions can reach or exceed this income level.

How can I make $2000 a week working from home?

A Remote Application Security Engineer can earn $2000 or more weekly by working full-time, leveraging specialized skills in cybersecurity, secure coding, and vulnerability assessment. Increasing income may involve gaining relevant certifications like CISSP or OSCP, working for high-paying companies, or taking on freelance consulting projects that require advanced security expertise.

What is the difference between Remote Application Security Engineer vs Remote Security Analyst?

AspectRemote Application Security EngineerRemote Security Analyst
CertificationsCSSLP, CISSP, CEHCISSP, Security+, CEH
Work EnvironmentFocus on application security, code reviews, vulnerability assessmentsMonitor security alerts, analyze threats, incident response
Industry UsageSoftware development, tech companies, financeIT services, corporate security teams, government

The Remote Application Security Engineer primarily focuses on securing software applications through code analysis and vulnerability management, while the Remote Security Analyst monitors security systems and responds to threats. Both roles require similar certifications and are vital in cybersecurity teams, but they differ in daily tasks and focus areas.

What engineer makes $500,000 a year?

A remote application security engineer can earn $500,000 or more annually, especially with extensive experience, specialized skills in security tools, and certifications like CISSP or OSCP. High salaries are often found in senior roles at large tech companies or cybersecurity firms, reflecting the critical importance of security expertise in protecting digital assets.

Can security engineers work remotely?

Yes, many security engineers, including application security engineers, can work remotely. The role often involves tasks such as code review, vulnerability assessment, and security tool management, which can be performed effectively from a remote environment with proper access to systems and secure communication tools.

How does a Remote Application Security Engineer typically collaborate with development teams to address security vulnerabilities?

As a Remote Application Security Engineer, you will regularly interact with development teams through virtual meetings, code reviews, and secure communication platforms. Collaboration involves identifying vulnerabilities through security assessments, then working closely with developers to explain risks and recommend remediation strategies. Effective communication skills and a proactive approach are essential, as you'll often need to bridge the gap between security requirements and development timelines. Embracing tools for remote collaboration, such as shared issue trackers and documentation platforms, is key to ensuring efficient teamwork and timely resolution of security issues.

What is a Remote Application Security Engineer?

A Remote Application Security Engineer is a cybersecurity professional who works from a location outside the traditional office environment to assess, design, and implement security measures for software applications. Their responsibilities include identifying vulnerabilities in code, conducting security testing, and recommending fixes to prevent cyberattacks. They collaborate with development teams remotely to ensure secure coding practices and compliance with industry standards. This role is critical for protecting sensitive data and maintaining trust in digital products, especially as remote work and cloud-based applications become more common.
What are the most commonly searched types of Application Security Engineer jobs in Washington? The most popular types of Application Security Engineer jobs in Washington are:
What are popular job titles related to Remote Application Security Engineer jobs in Washington? For Remote Application Security Engineer jobs in Washington, the most frequently searched job titles are:
What job categories do people searching Remote Application Security Engineer jobs in Washington look for? The top searched job categories for Remote Application Security Engineer jobs in Washington are:
What cities in Washington are hiring for Remote Application Security Engineer jobs? Cities in Washington with the most Remote Application Security Engineer job openings:
Application Security Engineer

Application Security Engineer

Edgewater Federal Solutions, Inc.

Washington, DC โ€ข On-site, Remote

$140K - $160K/yr

Full-time

Posted 2 days ago


Job description

Overview
Edgewater is currently seeking an Application Security Engineer who will be a hands-on subject matter expert in Microsoft Azure cloud technologies, application security, security architectures, security tools, and methodologies. The Application Security Engineer will support our federal customer in Washington DC. This is a hands-on technical role that will provide the right candidate with an exciting opportunity to develop the federal customer's application security program, working with developers and the organization to meet the strategic security goals of the agency.
This is a remote position but requires the candidate to work at the federal site in Washington DC at least two days a month so candidates local to the Washington, DC area strongly preferred.
Due to the contract and nature of the work, US Citizenship is required to obtain a Department of Energy security clearance.
Responsibilities
  • Drive the strategic maturation of the agency's Application Security (AppSec) program by defining security standards, scaling automation, and embedding secure development practices across all product lifecycles.
  • Perform SAST assessments using Veracode and GitHub Advanced Security, identifying code-level vulnerabilities and providing remediation guidance.
  • Conduct and analyze DAST scans, including configuration, execution, and triage of results.
  • Evaluate and prioritize vulnerabilities using industry frameworks such as CVSS, CWE, OWASP Top 10, WASC, and SANS Top 25.
  • Collaborate with development, DevOps, and security teams to integrate security controls into CI/CD pipelines and the broader SDLC.
  • Provide expert advice on secure coding principles and assist developers in resolving security findings.
  • Troubleshoot application and connectivity issues in Linux-based environments.
  • Contributes to the design and implementation of enterprise-wide application security controls.
  • Ensure alignment with federal security and compliance standards, including NIST 800-53, FIPS, and FedRAMP.
  • Maintain awareness of emerging threats, vulnerabilities, and best practices in application security.

Qualifications
  • Experience supporting SAST/DAST environments using Veracode.
  • Experience with SCA tools and vulnerability remediation
  • Experience leveraging CI/CD deployment methodologies and infrastructure as code (IaC)
  • Experience writing playbooks and scripts for automation tools including Terraform, Ansible for IaC
  • Demonstrate proficiency with a scripting or coding language, preferably Python.
  • Proficiency in automation and scripting, such as PowerShell, Python, Bash, and Terraform.
  • Ability to discuss Information Security concepts such as defense in depth and zero trust.
  • Demonstrate ability to communicate ideas both verbally and in writing to management, business and IT stakeholders, and technical resources in language that is appropriate for each group.
  • Ability to work collaboratively with developers across multiple departments
  • Ability to work effectively in a fast-paced, project-oriented environment
  • Ability to analyze and prioritize vulnerabilities based on risk
  • Strong technical acumen, communication, and influence skills
  • Working knowledge of system hardening (CIS, STIGs regulatory compliance)
  • Experience working with and supporting Unix/Linux and Windows systems.
  • Experience with SCA tools and vulnerability remediation in containers
  • Container orchestration and container security experience
  • 3+ years in application security supporting SAST, DAST, and SCA environments
  • 3+ years of experience designing and implementing application security controls
  • 3+ years of experience working in Linux-based environments, including troubleshooting application and connectivity issues.
  • Knowledge of federal security and compliance standards (NIST 800-53, FIPS, FedRAMP).

Preferred Qualifications:
  • Experience in securing Azure cloud infrastructure (i.e., inspection, logging, WAF, VM)
  • Experience with Azure DevOps
  • Practical implementation and architectural experience in encryption techniques, including data at rest and in transit
  • Prior experience as a software developer is highly preferred

Requirements:
  • Bachelor's degree in computer science or related fields
  • Minimum of 8 years of experience in Information Security or related fields
  • CISSP or equivalent (CompTIA Security+, CEH, or DoD equivalent)

Preferred Certifications:
  • ISC2 Certified Information Systems Security Professional (CISSP)
  • ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
  • GIAC Web Application Penetration Tester (GWAPT)
  • Microsoft Azure Security Engineer (AZ-500)
  • HashiCorp Terraform Associate (Infrastructure as Code)

Salary: $140,000 - $160,000
About Us:
Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2025.
It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other statuses protected by applicable law.status protected by applicable law.