This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

Leidos is seeking an Application Security Engineer as part of our DevOps team in support of a large-scale, complex Software program within the Department of Justice. This role focuses on securing the application including identifying vulnerabilities in code, designing security controls, conducting code reviews and performing penetration tests, with the goal of proactively preventing security breaches by inserting security measures throughout the software development lifecycle.

• Conduct security integration efforts across the software development lifecycle.
• Support the maintenance of a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues.
• Identify vulnerabilities in code and work with developers to remediate them.
• Automate security testing in CI/CD pipelines.
• Conduct advanced threat modeling and oversee secure architectural choices.
• Perform security incident response and remediation efforts.
• Establish secure coding practices and conduct training sessions.
• Track and report progress on security vulnerabilities in formal reviews.
• Collect compliance evidence in support of reviews and audits.

Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, or related field with 5 years of experience.
• 3+ years of experience in application security engineering.
• Expertise in security tools, security controls and frameworks, and incident response.
• Strong leadership and communication skills.

Requirements

• Experience with compliance evidence collection and risk-based release gating.
• Familiarity with container security standards and IAM governance.
• Knowledge of security scanning integration and vulnerability management.

Benefits

• Pay Range: $87,100.00 - $157,450.00
• The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary.
• Additional factors considered in extending an offer include responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.