Logo
Improvix Technologies

Cloud Security Engineer

Improvix Technologies, Washington

Save Job

Join to apply for the Cloud Security Engineer role at Improvix Technologies

2 days ago Be among the first 25 applicants

Join to apply for the Cloud Security Engineer role at Improvix Technologies

Improvix Technologies provided pay range

This range is provided by Improvix Technologies. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$120,000.00/yr - $180,000.00/yr

Location: Onsite, Washington, DC
Clearance Required: Secret
About The Role
We are seeking an experienced Application Security Engineer to help secure a diverse technology ecosystem supporting federal systems. In this role, you'll work directly with development teams to assess, improve, and maintain the security posture of applications built in Python, JavaScript, and TypeScript, deployed across both on-prem and cloud environments (AWS, Azure).
The ideal candidate will have deep experience in security assessments, architecture reviews, and threat modeling. You'll help lead security engagements across the application lifecycle, using GitLab Security tools (SAST, DAST, IaC scanning), Fortify, and other toolsets to enforce secure-by-default practices across development pipelines.
Key Responsibilities
 Security Assessment & Testing

  • Conduct security assessments of applications built with Python, JavaScript, and TypeScript.
  • Perform architecture reviews and threat modeling to identify security risks.
  • Conduct security testing using web application security tools and frameworks.
  • Analyze application code and implementations to identify vulnerabilities.
  • Maintain testing environments to support continuous assessments.
Vulnerability Management & Tool Integration
  • Manage GitLab Security suite (SAST, DAST, IaC) and Fortify scan tools.
  • Triage and prioritize findings from automated scans based on risk.
  • Integrate security testing into CI/CD pipelines and develop supporting methodologies.
  • Maintain vulnerability management workflows and documentation.
Security Engineering & Architecture
  • Collaborate with engineering teams to implement secure-by-design architecture.
  • Review cloud infrastructure and container deployments for best practices.
  • Analyze full-stack systems including web UIs, APIs, orchestration platforms, and Linux-based containers.
  • Identify systemic security issues and drive long-term architectural improvements.
Communication & Collaboration
  • Clearly communicate findings and recommendations across technical and non-technical teams.
  • Work with product and engineering teams to align security with business needs.
  • Deliver training on secure coding practices and document security processes and outcomes.
Required Qualifications
 Technical Skills
  • 3+ years of experience in application security.
  • Proficient with Python, JavaScript, and TypeScript codebases.
  • Cloud security experience in AWS and Azure.
  • Experience with GitLab Security, Fortify, and web application testing tools.
  • Understanding of SSDLC principles and integrating security into development pipelines.
Security Expertise
  • Strong knowledge of OWASP Top 10 and application-layer attack vectors.
  • Experience with threat modeling and secure architecture reviews.
  • Familiarity with DevSecOps practices and CI/CD tools (GitLab, GitHub, Jenkins, Ansible).
  • Experience with infrastructure-as-code security and policy enforcement.
  • Working knowledge of NIST 800-53 controls, risk assessment, and SOAR concepts.
Professional Skills
  • Strong analytical, communication, and collaboration skills.
  • Ability to manage multiple projects and drive outcomes independently.
  • Proactive in learning and staying ahead of emerging security threats.
Preferred Qualifications
  • Bachelor’s degree in Computer Science, Information Security, or related field.
  • Experience with DevSecOps automation in CI/CD environments.
  • Familiarity with Terraform, CloudFormation, or ARM templates.
  • Understanding of secure software development lifecycle practices.

Seniority level

  • Seniority level

    Mid-Senior level

Employment type

  • Employment type

    Full-time

Job function

  • Job function

    Information Technology

  • Industries

    IT Services and IT Consulting

Referrals increase your chances of interviewing at Improvix Technologies by 2x

Sign in to set job alerts for “Security Engineer” roles.

Junior Full Stack Software Engineer (JAVA)

Washington, DC $100,000.00-$720,000.00 2 weeks ago

Washington, DC $80,000.00-$120,000.00 4 days ago

Fort Meade, MD $12,000.00-$150,000.00 4 weeks ago

Annapolis Junction, MD $3,000.00-$5,250.00 1 week ago

Junior Software Engineer - Fully Cleared (Prime)

Annapolis Junction, MD $127,000.00-$167,000.00 3 weeks ago

Columbia, MD $70,000.00-$190,000.00 6 days ago

Fort Meade, MD $70,000.00-$100,000.00 1 month ago

Junior F/E Software Engineer (Hybrid) - 23684

Columbia, MD $89,769.00-$130,000.00 5 days ago

Columbia, MD $70,000.00-$190,000.00 6 days ago

Washington, DC $1,000.00-$2,000.00 2 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr