Application Security Engineer
Description For Application Security Engineer
Bixal, a consulting company based in Fairfax, VA, is seeking an Application Security Engineer to join their team focused on digital transformation for federal clients. This role combines technical expertise with mission-driven impact, offering a unique opportunity to shape secure digital solutions for government services.
The position requires a seasoned professional with 4 years of experience who will be instrumental in maintaining and enhancing security across public-facing websites and digital products. The role encompasses a wide range of responsibilities, from implementing security remediations and managing CI/CD pipelines to providing expert guidance on best practices in an AWS FISMA moderate environment.
Key technical aspects include working with tools like Jenkins for continuous integration, PrismaCloud for security integration, and various vulnerability scanning tools. The ideal candidate will have experience with FedRamp IaaS/SaaS and modern web development stacks, along with the ability to create and monitor Software Bills of Materials (SBOM).
The position offers a competitive salary range of $95,000-$105,000 and comes with comprehensive benefits including medical/dental/vision insurance, 401k matching, parental leave, and flexible work arrangements. The role is hybrid, based in Washington, D.C., with remote work options available.
This is a full-time position with a defined performance period of up to three years, contingent on contract award. It presents an excellent opportunity for professional growth within a company that values innovation, inclusion, and purpose-driven work. The role requires collaboration with various teams and stakeholders, making it ideal for someone who enjoys both technical challenges and mentoring others.
Bixal's commitment to diversity, equity, and inclusion, combined with their mission to improve government services through technology, makes this an attractive position for candidates seeking meaningful work in the cybersecurity sector. The company's focus on continuous learning and professional development ensures opportunities for growth and advancement.
Responsibilities For Application Security Engineer
- Provide application security expertise and support for digital assets
- Work with Application Development Team on security remediations for web products
- Support compliance and secure baseline development in AWS FISMA environment
- Configure and operate CI/CD pipelines with security integration
- Use and apply findings from application security monitoring tools
- Assist in building technical foundation using continuous integration tools
- Engage with client personnel to understand requirements
- Participate in daily standup meetings and ticket system management
- Provide security training and best-practices guidance
- Develop documentation including Use Cases and Design Specifications
Requirements For Application Security Engineer
- Bachelor's Degree with 4 years of relevant experience
- Experience with vulnerability scanning tools
- Expertise in integrating security testing in automated delivery pipelines
- Experience with modern web development stack
- Experience with open source and community solutions
- Experience in FedRamp IaaS/SaaS
- Experience with SBOM creation and monitoring software dependencies
- Ability to collaborate and mentor teams on secure software development
Benefits For Application Security Engineer
- Competitive base salary
- Flex hours
- Work from home flexibility
- 401K with matching incentive
- Parental Leave
- Medical/dental/vision benefits
- Flex Spending Account
- Company provided short-term disability
- Company provided life insurance
- Commuter benefits
- Generous PTO
- 11 Paid holidays
- Professional development opportunities
- New business referral bonus
