Web Application Security Engineer In Remote Jobs

At Ardent, we hire people who want more than a job - they want to serve a mission that matters. Our teams support the federal government's most critical national security and defense priorities, helping protect the nation, strengthen resilience, and advance the technologies and capabilities that keep America secure. For veterans, cleared professionals, and purpose-driven innovators, Ardent is a place to continue serving alongside a team that understands the importance of the mission and the people behind it.

We also know top talent has choices, which is why we back our mission with benefits and flexibility that stand out: competitive pay, comprehensive health coverage, flexible PTO, federal holidays off, tuition reimbursement, professional development support, wellness stipends, and a culture that values and rewards hard work, dedication, and adaptability. If you want to build something meaningful, while enjoying the kind of flexibility and support that you need to do your best work - Ardent is where your next mission begins.

Ardent is seeking a Web Developer Security Engineer to join our team.  

This position is based in Washington, DC and may require a combination of on-site and remote support depending on program needs.

Position Description:

Ardent is seeking a Web Developer Security Engineer to support the security of mission-critical web applications, APIs, and supporting cloud environments. This role will focus on integrating security throughout the software development lifecycle, identifying and remediating application vulnerabilities, supporting compliance initiatives, and implementing security controls that help ensure applications remain resilient against evolving cyber threats.

The Web Developer Security Engineer will work closely with development, cybersecurity, infrastructure, and operations teams to support secure application design, vulnerability management, threat detection, incident response, and DevSecOps initiatives.

Responsibilities and Duties:

• Identify, analyze, and remediate web application vulnerabilities, insecure dependencies, misconfigurations, and security weaknesses.
• Support vulnerability management activities throughout the software development lifecycle, including threat modeling, security assessments, remediation validation, and risk reduction efforts.
• Integrate security controls into web applications, APIs, and supporting services using secure-by-design principles.
• Support implementation of secure communication protocols, data protection mechanisms, and application security controls.
• Obtain, review, and analyze web server and application logs to identify anomalies and indicators of compromise.
• Support incident response activities related to web application security events and investigations.
• Develop automation scripts and processes to improve threat detection, security monitoring, and compliance reporting.
• Maintain documentation related to findings, remediation activities, security controls, and operational procedures.
• Support compliance with federal cybersecurity frameworks including NIST SP 800-53, FISMA, and FedRAMP requirements.
• Participate in audits, risk assessments, security reviews, and authorization activities.
• Collaborate with cross-functional teams to improve application security posture and support continuous security enhancements.
• Support implementation of DevSecOps practices and security controls throughout CI/CD pipelines.

Requirements: 

• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related field.
• Minimum of 5 years of experience supporting Application Security, Web Application Security, Secure Software Development, DevSecOps, or related disciplines.
• Experience supporting secure software development and vulnerability remediation activities.
• Strong understanding of OWASP Top 10, secure coding standards, and web application security best practices.
• Experience developing or supporting modern web applications utilizing technologies such as .NET, C#, HTML5, CSS3, JavaScript, REST APIs, and SQL.
• Experience performing log analysis, security monitoring, and investigation of web application security events.
• Experience deploying, configuring, and maintaining Web Application Firewalls (WAFs).
• Experience supporting File Integrity Monitoring (FIM) solutions and security monitoring technologies.
• Familiarity with security testing tools and technologies such as SIEM, IDS/IPS, EDR, NDR, or similar platforms.
• Experience implementing DevSecOps principles and integrating security controls into CI/CD pipelines.
• Ability to perform risk assessments, analyze cyber threats, and provide remediation recommendations.
• Strong written and verbal communication skills.
• Ability to work independently and collaboratively within multidisciplinary teams.
• Ability to successfully complete and maintain a government background investigation.
• Current security certification(s) such as:
  • CSSLP, GWEB, CASE, OSWE, OSCP, Security+, GSEC, or equivalent.

Preferred Qualifications: 

• Experience supporting federal government environments.
• Experience supporting NIST SP 800-53, FISMA, FedRAMP, and security authorization activities.
• Experience with threat modeling, security architecture reviews, and secure application design.
• Experience implementing advanced DevSecOps practices and automated security controls.
• Experience with AWS cloud security and container security technologies including Docker and Kubernetes.
• Experience leveraging AI-assisted development tools to support security monitoring, automation, and compliance activities.
• Experience developing security metrics, audit reporting, and compliance documentation.

Due to the nature of the work we support, all candidates in consideration for this role must be willing to undergo the government issued background investigation process. We highly encourage all Veterans and those with disabilities to apply.

Ardent is an equal opportunity employer. We will not discriminate in employment, recruitment, advertisements for employment, compensation, termination, upgrading, promotions, and other conditions of employment against any employee or job applicant on the bases of race, color, gender, national origin, age, religion, creed, disability, veteran's status, sexual orientation, gender identity, gender expression, or any other basis protected by state, local, or federal law.