Improvix Technologies
Join to apply for the
Cloud Security Engineer
role at
Improvix Technologies 2 days ago Be among the first 25 applicants Join to apply for the
Cloud Security Engineer
role at
Improvix Technologies Improvix Technologies provided pay range
This range is provided by Improvix Technologies. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$120,000.00/yr - $180,000.00/yr Location:
Onsite, Washington, DC
Clearance Required:
Secret
About The Role
We are seeking an experienced Application Security Engineer to help secure a diverse technology ecosystem supporting federal systems. In this role, you'll work directly with development teams to assess, improve, and maintain the security posture of applications built in Python, JavaScript, and TypeScript, deployed across both on-prem and cloud environments (AWS, Azure).
The ideal candidate will have deep experience in security assessments, architecture reviews, and threat modeling. You'll help lead security engagements across the application lifecycle, using GitLab Security tools (SAST, DAST, IaC scanning), Fortify, and other toolsets to enforce secure-by-default practices across development pipelines.
Key Responsibilities
Security Assessment & Testing
Conduct security assessments of applications built with Python, JavaScript, and TypeScript. Perform architecture reviews and threat modeling to identify security risks. Conduct security testing using web application security tools and frameworks. Analyze application code and implementations to identify vulnerabilities. Maintain testing environments to support continuous assessments.
Vulnerability Management & Tool Integration
Manage GitLab Security suite (SAST, DAST, IaC) and Fortify scan tools. Triage and prioritize findings from automated scans based on risk. Integrate security testing into CI/CD pipelines and develop supporting methodologies. Maintain vulnerability management workflows and documentation.
Security Engineering & Architecture
Collaborate with engineering teams to implement secure-by-design architecture. Review cloud infrastructure and container deployments for best practices. Analyze full-stack systems including web UIs, APIs, orchestration platforms, and Linux-based containers. Identify systemic security issues and drive long-term architectural improvements.
Communication & Collaboration
Clearly communicate findings and recommendations across technical and non-technical teams. Work with product and engineering teams to align security with business needs. Deliver training on secure coding practices and document security processes and outcomes.
Required Qualifications
Technical Skills
3+ years of experience in application security. Proficient with Python, JavaScript, and TypeScript codebases. Cloud security experience in AWS and Azure. Experience with GitLab Security, Fortify, and web application testing tools. Understanding of SSDLC principles and integrating security into development pipelines.
Security Expertise
Strong knowledge of OWASP Top 10 and application-layer attack vectors. Experience with threat modeling and secure architecture reviews. Familiarity with DevSecOps practices and CI/CD tools (GitLab, GitHub, Jenkins, Ansible). Experience with infrastructure-as-code security and policy enforcement. Working knowledge of NIST 800-53 controls, risk assessment, and SOAR concepts.
Professional Skills
Strong analytical, communication, and collaboration skills. Ability to manage multiple projects and drive outcomes independently. Proactive in learning and staying ahead of emerging security threats.
Preferred Qualifications
Bachelor’s degree in Computer Science, Information Security, or related field. Experience with DevSecOps automation in CI/CD environments. Familiarity with Terraform, CloudFormation, or ARM templates. Understanding of secure software development lifecycle practices.
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Information Technology Industries IT Services and IT Consulting Referrals increase your chances of interviewing at Improvix Technologies by 2x Sign in to set job alerts for “Security Engineer” roles.
Junior Full Stack Software Engineer (JAVA)
Washington, DC $100,000.00-$720,000.00 2 weeks ago Washington, DC $80,000.00-$120,000.00 4 days ago Fort Meade, MD $12,000.00-$150,000.00 4 weeks ago Annapolis Junction, MD $3,000.00-$5,250.00 1 week ago Junior Software Engineer - Fully Cleared (Prime)
Annapolis Junction, MD $127,000.00-$167,000.00 3 weeks ago Columbia, MD $70,000.00-$190,000.00 6 days ago Fort Meade, MD $70,000.00-$100,000.00 1 month ago Junior F/E Software Engineer (Hybrid) - 23684
Columbia, MD $89,769.00-$130,000.00 5 days ago Columbia, MD $70,000.00-$190,000.00 6 days ago Washington, DC $1,000.00-$2,000.00 2 months ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Cloud Security Engineer
role at
Improvix Technologies 2 days ago Be among the first 25 applicants Join to apply for the
Cloud Security Engineer
role at
Improvix Technologies Improvix Technologies provided pay range
This range is provided by Improvix Technologies. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$120,000.00/yr - $180,000.00/yr Location:
Onsite, Washington, DC
Clearance Required:
Secret
About The Role
We are seeking an experienced Application Security Engineer to help secure a diverse technology ecosystem supporting federal systems. In this role, you'll work directly with development teams to assess, improve, and maintain the security posture of applications built in Python, JavaScript, and TypeScript, deployed across both on-prem and cloud environments (AWS, Azure).
The ideal candidate will have deep experience in security assessments, architecture reviews, and threat modeling. You'll help lead security engagements across the application lifecycle, using GitLab Security tools (SAST, DAST, IaC scanning), Fortify, and other toolsets to enforce secure-by-default practices across development pipelines.
Key Responsibilities
Security Assessment & Testing
Conduct security assessments of applications built with Python, JavaScript, and TypeScript. Perform architecture reviews and threat modeling to identify security risks. Conduct security testing using web application security tools and frameworks. Analyze application code and implementations to identify vulnerabilities. Maintain testing environments to support continuous assessments.
Vulnerability Management & Tool Integration
Manage GitLab Security suite (SAST, DAST, IaC) and Fortify scan tools. Triage and prioritize findings from automated scans based on risk. Integrate security testing into CI/CD pipelines and develop supporting methodologies. Maintain vulnerability management workflows and documentation.
Security Engineering & Architecture
Collaborate with engineering teams to implement secure-by-design architecture. Review cloud infrastructure and container deployments for best practices. Analyze full-stack systems including web UIs, APIs, orchestration platforms, and Linux-based containers. Identify systemic security issues and drive long-term architectural improvements.
Communication & Collaboration
Clearly communicate findings and recommendations across technical and non-technical teams. Work with product and engineering teams to align security with business needs. Deliver training on secure coding practices and document security processes and outcomes.
Required Qualifications
Technical Skills
3+ years of experience in application security. Proficient with Python, JavaScript, and TypeScript codebases. Cloud security experience in AWS and Azure. Experience with GitLab Security, Fortify, and web application testing tools. Understanding of SSDLC principles and integrating security into development pipelines.
Security Expertise
Strong knowledge of OWASP Top 10 and application-layer attack vectors. Experience with threat modeling and secure architecture reviews. Familiarity with DevSecOps practices and CI/CD tools (GitLab, GitHub, Jenkins, Ansible). Experience with infrastructure-as-code security and policy enforcement. Working knowledge of NIST 800-53 controls, risk assessment, and SOAR concepts.
Professional Skills
Strong analytical, communication, and collaboration skills. Ability to manage multiple projects and drive outcomes independently. Proactive in learning and staying ahead of emerging security threats.
Preferred Qualifications
Bachelor’s degree in Computer Science, Information Security, or related field. Experience with DevSecOps automation in CI/CD environments. Familiarity with Terraform, CloudFormation, or ARM templates. Understanding of secure software development lifecycle practices.
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Information Technology Industries IT Services and IT Consulting Referrals increase your chances of interviewing at Improvix Technologies by 2x Sign in to set job alerts for “Security Engineer” roles.
Junior Full Stack Software Engineer (JAVA)
Washington, DC $100,000.00-$720,000.00 2 weeks ago Washington, DC $80,000.00-$120,000.00 4 days ago Fort Meade, MD $12,000.00-$150,000.00 4 weeks ago Annapolis Junction, MD $3,000.00-$5,250.00 1 week ago Junior Software Engineer - Fully Cleared (Prime)
Annapolis Junction, MD $127,000.00-$167,000.00 3 weeks ago Columbia, MD $70,000.00-$190,000.00 6 days ago Fort Meade, MD $70,000.00-$100,000.00 1 month ago Junior F/E Software Engineer (Hybrid) - 23684
Columbia, MD $89,769.00-$130,000.00 5 days ago Columbia, MD $70,000.00-$190,000.00 6 days ago Washington, DC $1,000.00-$2,000.00 2 months ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr