1

Security Coding Jobs in Virginia (NOW HIRING)

HSCRC Coding Reviewer

Virginia Beach, VA ยท On-site

$40 - $45/hr

The HSCRC Coding Reviewer will be a subject matter expert in clinical documentation review ... Practical knowledge of and ability to comply with system and information security requirements.

Security Product Reverse Engineer

Sterling, VA ยท On-site

$122K - $253K/yr

Nightwing is seeking an experienced Security Product Reverse Engineer (RE) to support advanced ... Conduct in-depth source code analysis and comprehensive code audits * Develop, test, and debug ...

next page

Showing results 1-20

Security Coding information

See Virginia salary details

$10.9K

$116.4K

$149.2K

How much do security coding jobs pay per year?

As of Jul 16, 2026, the average yearly pay for security coding in Virginia is $116,442.00, according to ZipRecruiter salary data. Most workers in this role earn between $107,100.00 and $134,300.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Security Coding position, and why are they important?

To thrive as a Security Coding professional, you need a strong background in software development, cybersecurity principles, and vulnerability assessment, typically supported by a degree in computer science or a related field. Familiarity with languages such as Python, C/C++, Java, as well as security tools like static analysis software and certifications such as CISSP or CEH, is often required. Attention to detail, problem-solving abilities, and the capacity to communicate complex technical risks to non-technical stakeholders are highly valued soft skills. These qualifications ensure that code is developed with security best practices in mind, protecting organizations from cyber threats and compliance issues.

What is a Security Coding job?

A Security Coding job involves writing secure code to protect applications and systems from vulnerabilities and cyber threats. Professionals in this role implement security best practices, conduct code reviews, and fix security flaws in software. They often work closely with developers and security teams to ensure compliance with industry standards. Strong knowledge of secure coding guidelines, penetration testing, and threat modeling is essential for this role.

What are some common challenges faced by Security Coding professionals on the job?

Security Coding professionals often face the challenge of balancing rapid software development with the need to implement robust security measures. They may encounter evolving threats and zero-day vulnerabilities, which require them to stay updated and adapt security practices quickly. Collaborating with development teams to integrate secure coding practices into fast-paced release cycles is also common. Since new technologies and frameworks are frequently adopted, ongoing learning and adaptability are key to overcoming these challenges and maintaining secure applications.

Is cybersecurity a coding job?

Cybersecurity roles, including security coding, often involve writing and analyzing code to identify vulnerabilities and develop secure software. Skills in programming languages like Python, C, or Java are commonly required, along with knowledge of security tools and protocols. However, some cybersecurity positions focus more on analysis, policy, or management rather than coding specifically.

What pays more, coding or cybersecurity?

Security coding, which involves developing secure software, generally offers salaries comparable to cybersecurity roles, such as security analysts or engineers. Cybersecurity positions often have higher earning potential due to the demand for protecting systems and data, especially with certifications like CISSP or CEH. Both fields require technical skills and can lead to high-paying careers, but cybersecurity roles tend to have a broader range of higher salary opportunities.

Can you make $500,000 a year in cyber security?

Security coding roles, such as cybersecurity engineers or senior developers, can reach or exceed $500,000 annually with extensive experience, advanced skills, and often in high-demand sectors or leadership positions. Achieving this level typically requires specialized certifications, expertise in secure coding practices, and often involves working in senior or executive roles with significant responsibilities.

Can I make $200,000 a year in cyber security?

Security coding roles, such as cybersecurity engineers or developers, can reach or exceed $200,000 annually with extensive experience, advanced skills, and certifications like CISSP or CEH. High salaries are often found in senior positions, specialized fields, or in organizations with complex security needs, especially in high-cost regions or industries with critical security requirements.
What job categories do people searching Security Coding jobs in Virginia look for? The top searched job categories for Security Coding jobs in Virginia are:
Infographic showing various Security Coding job openings in Virginia as of July 2026, with employment types broken down into 1% Internship, 1% As Needed, 85% Full Time, 10% Part Time, 1% Temporary, and 2% Contract. Highlights an 79% Physical, 3% Hybrid, and 18% Remote job distribution, with an average salary of $116,442 per year, or $56 per hour.
Web Developer Security Engineer with Security Clearance

Web Developer Security Engineer with Security Clearance

Horizon Global Partners

Reston, VA โ€ข On-site

Other

Posted 19 days ago


Job description

Web Developer Security Engineer
Company: Horizon Global Partners (HgP)
Division: Defense & Aerospace Services (DAS)
Location: Washington, DC (Hybrid)
Employment Type: Full-Time
Clearance Requirement: Public Trust Tier 2 (Active preferred; ability to obtain required)
Position Summary
Horizon Global Partners (HgP) is seeking a highly skilled Web Developer Security Engineer to support a Federal Government customer by securing mission-critical web applications, APIs, and cloud-based services. The successful candidate will integrate security throughout the Secure Software Development Lifecycle (SSDLC), identify and remediate application vulnerabilities, implement DevSecOps practices, and strengthen application security through secure architecture, automation, and continuous monitoring.
The ideal candidate combines strong software development experience with application security engineering expertise and has hands-on experience implementing secure coding practices, threat modeling, vulnerability management, Web Application Firewalls (WAF), File Integrity Monitoring (FIM), and CI/CD security automation.
________________________________________
Position Responsibilities
Application Security Engineering
โ€ข Identify, assess, and remediate web application vulnerabilities, insecure dependencies, and application misconfigurations.
โ€ข Conduct application security reviews throughout the Secure Software Development Lifecycle (SSDLC).
โ€ข Validate remediation efforts through technical testing and secure code review.
โ€ข Develop and maintain secure coding standards aligned with OWASP best practices.
Secure Architecture & Threat Modeling
โ€ข Perform threat modeling and application risk assessments.
โ€ข Design secure web application and REST API architectures.
โ€ข Recommend secure authentication, authorization, encryption, and data protection mechanisms.
โ€ข Implement secure design patterns that reduce application attack surfaces.
DevSecOps & CI/CD Security
โ€ข Integrate security controls into CI/CD pipelines.
โ€ข Automate security testing using Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and secrets scanning.
โ€ข Implement security gates to prevent vulnerable code from reaching production.
โ€ข Support Git-based secure development workflows and DevSecOps automation.
Monitoring & Incident Response
โ€ข Analyze web server, application, and security logs for indicators of compromise.
โ€ข Configure and tune Web Application Firewalls (WAF) to protect enterprise web applications.
โ€ข Implement and maintain File Integrity Monitoring (FIM) solutions.
โ€ข Support security incident investigations and forensic analysis.
Secure Software Development
Develop and secure applications using technologies including:
โ€ข .NET
โ€ข C#
โ€ข ASP.NET MVC
โ€ข WCF
โ€ข HTML5
โ€ข CSS3
โ€ข JavaScript
โ€ข REST APIs
โ€ข SQL
โ€ข Python
โ€ข Node.js
โ€ข React
โ€ข TypeScript
Mobile & Cloud Security
โ€ข Evaluate and implement security controls for mobile web applications.
โ€ข Support secure cloud application deployments.
โ€ข Collaborate with infrastructure and cloud engineering teams to improve application security posture.
Compliance & Documentation
โ€ข Support compliance with NIST SP 800-53, FISMA, and FedRAMP requirements.
โ€ข Participate in security assessments, audits, and authorization activities.
โ€ข Develop security documentation, remediation plans, risk assessments, and engineering standards.
โ€ข Produce security metrics and compliance reports.
________________________________________
Required Qualifications
โ€ข Bachelorโ€™s degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field.
โ€ข Minimum 3 years of Application Security (AppSec), Secure Software Development Lifecycle (SSDLC), or Web Application Security experience.
โ€ข Extensive experience with secure software development and vulnerability remediation.
โ€ข Experience implementing DevSecOps principles throughout CI/CD pipelines.
โ€ข Strong knowledge of OWASP Top 10 vulnerabilities and secure coding practices.
โ€ข Experience performing threat modeling and application risk assessments.
โ€ข Experience deploying, tuning, and maintaining Web Application Firewalls (WAF).
โ€ข Experience configuring and managing File Integrity Monitoring (FIM).
โ€ข Experience analyzing web server and application logs.
โ€ข Experience with SIEM, IDS/IPS, EDR, or Network Detection & Response (NDR) technologies.
โ€ข Experience securing REST APIs and cloud-based applications.
โ€ข Excellent analytical, documentation, and communication skills.
________________________________________
Required Technical Skills
โ€ข .NET
โ€ข C#
โ€ข ASP.NET MVC
โ€ข WCF
โ€ข HTML5
โ€ข CSS3
โ€ข JavaScript
โ€ข TypeScript
โ€ข React
โ€ข Node.js
โ€ข Python
โ€ข REST APIs
โ€ข SQL
โ€ข Secure SDLC (SSDLC)
โ€ข DevSecOps
โ€ข CI/CD Security
โ€ข Threat Modeling
โ€ข OWASP Top 10
โ€ข Secure Coding
โ€ข Vulnerability Management
โ€ข WAF
โ€ข File Integrity Monitoring (FIM)
โ€ข SIEM
โ€ข IDS/IPS
โ€ข EDR
โ€ข NDR
โ€ข Git
โ€ข Security Automation
โ€ข Mobile Web Security
________________________________________
Required Credentials
Candidates should possess current security certifications that demonstrate expertise in secure software development and application security. The Government requires at least one current certification from each of the following categories, with equivalent legacy certifications accepted if professionally maintained for at least five years:
Application Security (AppSec) โ€“ At least one required
โ€ข Certified Secure Software Lifecycle Professional (CSSLP)
โ€ข GIAC Certified Web Application Defender (GWEB)
โ€ข EC-Council Certified Application Security Engineer (CASE)
Offensive Security โ€“ At least one required
โ€ข OffSec Web Expert (OSWE)
โ€ข Offensive Security Certified Professional (OSCP)
Foundational Security โ€“ At least one required
โ€ข CompTIA Security+
โ€ข GIAC Security Essentials (GSEC)
________________________________________
Preferred Qualifications
โ€ข Experience with Federal Government or DoD environments.
โ€ข Experience with NIST SP 800-53, FISMA, and FedRAMP authorization processes.
โ€ข Experience with AWS cloud security.
โ€ข Experience securing Docker and Kubernetes environments.
โ€ข Experience implementing automated security gates within CI/CD pipelines.
โ€ข Experience using AI-assisted development tools such as GitHub Copilot or OpenAI APIs to improve secure software development workflows.
________________________________________
Why Join Horizon Global Partners?
At Horizon Global Partners, youโ€™ll support mission-critical Federal Government systems by integrating security into every stage of the software development lifecycle. Youโ€™ll collaborate with software developers, DevSecOps engineers, cybersecurity professionals, and cloud architects to build resilient, secure, and compliant web applications that support critical government missions.