Leidos is seeking an Application Security Engineer as part of their DevOps team to support a large-scale software program within the Department of Justice. The role focuses on securing applications by identifying vulnerabilities in code, designing security controls, and conducting penetration tests to prevent security breaches throughout the software development lifecycle.
Responsibilities:
- Conduct security integration efforts across the software development lifecycle
- Support the maintenance of a library of security audit tools and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues
- Identify vulnerabilities in code and work with developers to remediate them
- Automate security testing in CI/CD pipelines
- Conduct advanced threat modeling and oversee secure architectural choices
- Perform security incident response and remediation efforts
- Establish secure coding practices and conduct training sessions
- Track and report progress on security vulnerabilities in formal reviews
- Collect compliance evidence in support of reviews and audits
Requirements:
- Bachelor's degree in Cybersecurity, Computer Science, or a related field with 5 years of experience
- 3+ years of experience in application security engineering
- Expertise in security tools, security controls and frameworks, and incident response
- Strong leadership and communication skills
- Experience with compliance evidence collection and risk-based release gating
- Familiarity with container security standards and IAM governance
- Knowledge of security scanning integration and vulnerability management