GuidePoint Security LLC
Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, D
GuidePoint Security LLC, Los Angeles, California, United States
Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)
Reston, VA GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Overview : We are seeking an Application Security Engineer with strong SAST experience to support client projects in the Mid-Atlantic region. The role focuses on implementing, operationalizing, and troubleshooting SAST tools and integrating secure coding practices throughout the Software Development Lifecycle (SDLC). Responsibilities : Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, and similar tools. Understand CI/CD pipelines and processes (e.g., GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI) and embed security practices within pipelines. Contribute as part of software engineering teams, ideally with full-stack development experience across modern technologies and architectures. Develop and apply scripting/automation using one or more programming languages. Apply application security fundamentals (OWASP Top 10, threat modeling, secure coding practices) across the SDLC. Demonstrate strong written and verbal communication skills for collaboration with technical and non-technical stakeholders. Preferred : Experience writing or adapting custom SAST rules (Semgrep or CodeQL). Familiarity with additional security testing tools (IAST, DAST, SCA, API security) and API security tools. Hands-on experience validating vulnerabilities and using Burp Suite; knowledge of secure development lifecycles and vulnerability triage/remediation. Understanding of automated security testing approaches and integrating security tooling into CI/CD. Experience building and operating security tools within CI/CD pipelines and proactively integrating security into development processes. Past experience as an application security practitioner or software engineer. Educational & Professional Credentials : Bachelor’s degree in a relevant discipline or equivalent experience 3-5 years of security engineering experience in the information security industry EEO & Employment Notice : GuidePoint Security is an equal opportunity employer. We may use standard applicant tracking systems (e.g., Greenhouse) and scheduling tools for HR processes. We may request voluntary self-identification information for compliance purposes; participation is voluntary and confidential. Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since 2011, GuidePoint has grown to over 1000 employees, with strategic partnerships and a large and diverse customer base. Perks & Benefits : Remote workforce primarily (U.S. based; some travel may be required) Group medical, dental insurance options Flexible time off and holidays Mobile phone and home internet allowance Eligibility for retirement plan after open enrollment Interested in building your career at GuidePoint Security? Create a job alert or apply for this job through our careers portal.
#J-18808-Ljbffr
Reston, VA GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Overview : We are seeking an Application Security Engineer with strong SAST experience to support client projects in the Mid-Atlantic region. The role focuses on implementing, operationalizing, and troubleshooting SAST tools and integrating secure coding practices throughout the Software Development Lifecycle (SDLC). Responsibilities : Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, and similar tools. Understand CI/CD pipelines and processes (e.g., GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI) and embed security practices within pipelines. Contribute as part of software engineering teams, ideally with full-stack development experience across modern technologies and architectures. Develop and apply scripting/automation using one or more programming languages. Apply application security fundamentals (OWASP Top 10, threat modeling, secure coding practices) across the SDLC. Demonstrate strong written and verbal communication skills for collaboration with technical and non-technical stakeholders. Preferred : Experience writing or adapting custom SAST rules (Semgrep or CodeQL). Familiarity with additional security testing tools (IAST, DAST, SCA, API security) and API security tools. Hands-on experience validating vulnerabilities and using Burp Suite; knowledge of secure development lifecycles and vulnerability triage/remediation. Understanding of automated security testing approaches and integrating security tooling into CI/CD. Experience building and operating security tools within CI/CD pipelines and proactively integrating security into development processes. Past experience as an application security practitioner or software engineer. Educational & Professional Credentials : Bachelor’s degree in a relevant discipline or equivalent experience 3-5 years of security engineering experience in the information security industry EEO & Employment Notice : GuidePoint Security is an equal opportunity employer. We may use standard applicant tracking systems (e.g., Greenhouse) and scheduling tools for HR processes. We may request voluntary self-identification information for compliance purposes; participation is voluntary and confidential. Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since 2011, GuidePoint has grown to over 1000 employees, with strategic partnerships and a large and diverse customer base. Perks & Benefits : Remote workforce primarily (U.S. based; some travel may be required) Group medical, dental insurance options Flexible time off and holidays Mobile phone and home internet allowance Eligibility for retirement plan after open enrollment Interested in building your career at GuidePoint Security? Create a job alert or apply for this job through our careers portal.
#J-18808-Ljbffr