Application Security Engineer

ID: 2025-3153
Job Locations: US
Category: Information Technology
Type: Regular Full-Time

Overview

DecisionPoint seeks an Application Security Engineer to perform advanced application-layer security assessments, secure coding reviews, vulnerability analysis, and security integration for enterprise applications supporting a federal and DoD-aligned mission environment. This role ensures secure development practices across CMS components, APIs, integrations, CI/CD pipelines, and custom code. 

The Application Security Engineer supports secure coding standards, threat modeling, static and dynamic testing, and secure secrets management. This position plays a critical role in strengthening application-level defenses, reducing vulnerabilities, and ensuring mission systems meet stringent DoD security requirements. 

This position is fully remote. 

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid. 

Duties & Responsibilities

The Application Security Engineer will: 

  • Conduct secure code reviews, focusing on application logic, API endpoints, CMS modules, and backend integrations. 
  • Perform API security assessments to validate authentication, authorization, data handling, and boundary protections. 
  • Support CMS hardening by reviewing templates, modules, configurations, and custom components for secure implementation. 
  • Integrate security requirements into CI/CD pipelines including SAST/DAST tools, dependency scanning, and automated controls. 
  • Manage secrets handling, encryption policies, and secure storage of API keys, tokens, and credentials. 
  • Conduct static and dynamic application security testing, vulnerability assessments, and remediation validation. 
  • Provide secure coding guidance to developers, architects, and product teams. 
  • Work with DevSecOps and cloud engineers to ensure secure build and deployment patterns. 
  • Perform threat modeling and recommend mitigations for high-risk application features. 
  • Review and validate authentication flows, SSO integrations, and identity-related protections. 
  • Assist with security documentation including test results, remediation plans, and secure configuration records. 
  • Support continuous monitoring, log analysis, and triage of application-layer security alerts. 
  • Participate in sprint teams, code review cycles, and architecture discussions to embed security early. 

Qualifications

Clearance Requirement 

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation. 

Education (Required) 

Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field. 

Experience (Required) 

  • Minimum 7 years of experience in application security engineering, secure software development, or cybersecurity. 
  • Experience conducting code reviews, application penetration testing, or API security testing. 
  • Experience with static and dynamic testing tools, dependency scanning, and software composition analysis. 
  • Experience supporting secure CI/CD pipeline integration and DevSecOps practices. 
  • Experience implementing secure secrets management, encryption, and authentication protections. 

Technical Knowledge (Required) 

  • Strong understanding of OWASP Top 10, secure coding principles, and application-layer attack vectors. 
  • Experience with SAST/DAST tools, dependency scanners, and code review workflows. 
  • Knowledge of API security, token-based authentication, and secure data handling. 
  • Familiarity with CMS structures, template security, and module-level risk considerations. 
  • Understanding of identity and access management, certificate management, and secure authentication flows. 

Technical Knowledge (Preferred) 

  • Experience with AWS cloud-native application security tools. 
  • Familiarity with container security, Kubernetes workload protections, and microservices security. 
  • Experience with modern CI/CD platforms and DevSecOps automation. 

Certifications 

Required: 

  • Security+ or CISSP or CCSP 

Preferred: 

  • AWS Security Specialty 
  • GIAC secure coding or cloud security certifications 
  • Certified Ethical Hacker (CEH) 

Skills 

  • Strong analytical and problem-solving skills for identifying and remediating application-layer vulnerabilities. 
  • Ability to clearly communicate technical risks, secure coding guidance, and remediation recommendations. 
  • Strong attention to detail when reviewing code, configurations, and test results. 
  • Ability to work collaboratively with developers, cloud engineers, PMO staff, and mission stakeholders. 
  • Commitment to integrating security early and continuously throughout the development lifecycle. 

Our Equal Employment Opportunity Policy

  • EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
  • Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
  • Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.
