1

Senior Application Security Engineer Jobs in Reston, VA

Application Security Engineer

Falls Church, VA · On-site

$62.75 - $83.75/hr

Application Security Engineer Strategy (Nasdaq: MSTR) • Tysons Corner, VA • Full-time, 5 days/week on-site Join Strategy's IT Security group as an Application Security Engineer and play a crucial ...

Application Security Engineer

Falls Church, VA · On-site

$62.75 - $83.75/hr

Application Security Engineer Strategy (Nasdaq: MSTR) • Tysons Corner, VA • Full-time, 5 days/week on-site Join Strategy's IT Security group as an Application Security Engineer and play a crucial ...

As an application security engineer you will help our engineering teams maintain and develop our product, and directly have impact in a security centric company and product. An ideal candidate is ...

Rubrik is seeking an Application Security Engineer. In this role, you will be responsible for ensuring that Rubrik's products and services are designed and implemented to the highest possible ...

Application Security Engineer

Mclean, VA · On-site

$60.25 - $80.50/hr

Veilant is looking for an Application Security Engineer to join our InfoSec team and help validate, secure, and continuously improve software developed by internal and partner engineering teams. This ...

App security engineer

Washington, DC

$66.50 - $89/hr

Washington, DC Duration: 18 Months+ Mandatory: â Sr level with 5-10 years â Application Security Engineer with programming/development background â Perform app security reviews, outlining ...

Hybrid 3 days onsite / 2 days remote in either Tysons Corner, VA or Rockville, MD Our client seeks a senior application security engineer to plan, coordinate, and implement application security ...

next page

Showing results 1-20

Senior Application Security Engineer information

See Reston, VA salary details

$76.5K

$142.7K

$194K

How much do senior application security engineer jobs pay per year?

As of Jul 4, 2026, the average yearly pay for senior application security engineer in Reston, VA is $142,665.00, according to ZipRecruiter salary data. Most workers in this role earn between $119,100.00 and $163,300.00 per year, depending on experience, location, and employer.

What is a Senior Application Security Engineer job?

A Senior Application Security Engineer is responsible for ensuring the security of software applications by identifying vulnerabilities, implementing security best practices, and working with development teams to integrate secure coding principles. They conduct security assessments, perform threat modeling, and use security tools to detect and remediate risks. Additionally, they help establish security policies, oversee compliance with industry standards, and provide guidance to developers and stakeholders on security-related matters. Their goal is to protect applications from cyber threats while enabling business continuity and innovation.

What are the key skills and qualifications needed to thrive in the Senior Application Security Engineer position, and why are they important?

To thrive as a Senior Application Security Engineer, you need a solid understanding of secure software development, threat modeling, vulnerability assessment, and a degree in computer science or a related field. Familiarity with tools like static and dynamic application security testing (SAST/DAST), code review platforms, and certifications such as CISSP or OSCP are often required. Strong analytical thinking, attention to detail, effective communication, and the ability to collaborate are standout soft skills for this role. These capabilities help ensure robust protection of applications, support safe software delivery, and enable effective teamwork across engineering and security teams.

What are the typical responsibilities of a Senior Application Security Engineer on a day-to-day basis?

A Senior Application Security Engineer typically spends their days reviewing application code for security vulnerabilities, performing threat modeling, and collaborating closely with development teams to ensure secure coding practices are followed. They may also lead security assessments, coordinate penetration tests, and work on developing or enforcing security policies within the organization. Regular interaction with cross-functional teams, such as DevOps and IT, is common to address security issues throughout the software development lifecycle. This role also often involves mentoring junior engineers and staying up to date with the latest security threats and technologies.

What are popular job titles related to Senior Application Security Engineer jobs in Reston, VA? For Senior Application Security Engineer jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Senior Application Security Engineer jobs in Reston, VA look for? The top searched job categories for Senior Application Security Engineer jobs in Reston, VA are:
What cities near Reston, VA are hiring for Senior Application Security Engineer jobs? Cities near Reston, VA with the most Senior Application Security Engineer job openings:

Application Security Engineer

Veilant

Falls Church, VA • On-site

$62.75 - $83.75/hr

Other

Posted 4 days ago


Job description

Job Description

Application Security Engineer

Strategy (Nasdaq: MSTR) • Tysons Corner, VA • Full-time, 5 days/week on-site

Job Description

Join Strategy's IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy's software applications by deploying AI-powered security tooling to protect the software development lifecycle at scale. You will be responsible for integrating security practices throughout the SDLC, ensuring our software products are resilient against vulnerabilities.

Responsibilities

  • AI Security Governance: Evaluate and establish guardrails for the secure use of AI coding assistants (e.g., Copilot, Cursor, Claude) within the engineering organization, including policy development around AI-generated code review, training data exposure risks, and prompt injection vulnerabilities in AI-integrated applications.

  • Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing.

  • Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA) tools.

  • **Security Assessments & Penetration Testing: **Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws.

  • Secure Code Review: Analyze source code using both manual review and AI-assisted code analysis tools (e.g., GitHub Copilot Autofix, Semgrep, or similar) to surface vulnerabilities earlier in the development cycle and deliver actionable, in-context remediation guidance to developers.

  • **Threat Modeling & Risk Analysis: **Perform threat modeling to anticipate potential attack vectors and improve security architecture.

  • DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating AI-assisted security automation within CI/CD pipelines, including AI-powered SAST/DAST tools and LLM-based code scanning to accelerate vulnerability detection at the point of commit.

  • **Incident Response & Remediation: **Assist in investigating security incidents related to applications and work with engineering teams to remediate threats.

  • **Security Awareness & Training: **Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices.

Qualifications:
Qualifications

  • Bachelor's degree in Computer Science, Engineering, or related field

  • Minimum 2 years of software development or software security experience in an agile environment

  • Hands-on experience applying Generative AI and/or ML to security use cases—such as vulnerability triage, threat detection, or secure code review automation—and a strong drive to stay current as AI security tooling evolves.

  • Hands-on experience with SAST, DAST, IAST, and SCA tools (e.g., Checkmarx, Fortify, Veracode, SonarQube, Burp Suite, ZAP)

  • Fluent in one or more programming languages, such as Python, Java, JavaScript

  • Strong knowledge of secure coding principles and application security frameworks

  • Familiarity with security tools (e.g., static and dynamic analysis tools, vulnerability scanners)

  • Understanding of security standards and regulations (e.g., OWASP, NIST)

  • Experience with cloud security best practices in AWS, Azure, or GCP

  • Familiarity with AI/LLM-specific security risks including prompt injection, model poisoning, insecure output handling, and the OWASP Top 10 for LLM Applications.

  • Strong work ethic with a commitment to meeting business needs and effectively collaborating with global colleagues

  • Effective interpersonal skills; ability to collaborate successfully with both technical and non-technical stakeholders

  • Ability to articulate complex technical concepts with clarity, supported by effective written and verbal communication skills

Additional Information

Strategy is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, creed, color, religion, national origin, gender, sex, sexual orientation, gender identity, disability, veteran status, age, genetic information, or any other legally-protected basis.

Strategy provides reasonable accommodation for qualified individuals with disabilities in the hiring process. If you have any difficulty using our online system and you need an accommodation due to a disability, you may contact us about your interest in employment at application_accommodations@strategy.com.

Visit Strategy’s Careers page for additional information.