Job Requirements
Seaside, CA
Secret Polygraph Unspecified
Career Level not specified
$140,000 - $195,000
Job Description
Razor is looking for an Application Security Engineer to support the Defense Client Data Center (DMDC) Cyber PRIMES program by integrating security throughout the software development lifecycle and protecting enterprise applications supporting critical Department of Defense missions. The role focuses on application security, secure software development, vulnerability management, DevSecOps, and security testing to ensure enterprise applications meet DoD cybersecurity and compliance requirements.
Education & Certification Requirements: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Software Engineering, or a related field (or equivalent experience). Relevant DoD 8140 certifications and industry certifications are preferred and may be required based on program requirements.
Clearance Requirements: Active DoD Secret clearance required. Some positions may require Top Secret/SCI clearance. U.S. Citizenship required.
Location: Seaside, CA or Alexandria, VA (Mark Center). Flexible for occasional telework; candidates must reside locally.
Estimated Salary Range: $ - $ annually, depending on experience, certifications, clearance level, and geographic location.
Responsibilities:
Qualifications:
Desired Skills:
Employer Information: Razor is an EEO Employer. Razor is an Equal Opportunity Employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic.
Benefits Overview: Razor offers a comprehensive benefits package which may include medical, dental, and vision insurance, paid time off, holidays, 401(k) with company match, professional development opportunities, and other competitive benefits designed to support the health and well-being of our employees.
Education & Certification Requirements: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Software Engineering, or a related field (or equivalent experience). Relevant DoD 8140 certifications and industry certifications are preferred and may be required based on program requirements.
Clearance Requirements: Active DoD Secret clearance required. Some positions may require Top Secret/SCI clearance. U.S. Citizenship required.
Location: Seaside, CA or Alexandria, VA (Mark Center). Flexible for occasional telework; candidates must reside locally.
Estimated Salary Range: $ - $ annually, depending on experience, certifications, clearance level, and geographic location.
Responsibilities:
- Integrate security throughout the software development lifecycle (SDLC) to support secure application development
- Perform application security assessments, code analysis, and vulnerability identification for enterprise applications
- Conduct Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and other security testing activities
- Partner with software developers and DevSecOps teams to remediate application vulnerabilities and strengthen application security
- Support secure software design reviews, architecture assessments, and threat modeling activities
- Develop secure coding guidance and security best practices for development teams
- Support implementation of DevSecOps security controls and automated security testing within CI/CD pipelines
- Analyze security findings and recommend mitigation strategies to reduce application risk
- Support Risk Management Framework (RMF) activities and ensure application compliance with DoD cybersecurity requirements
- Develop security documentation, assessment reports, and technical recommendations
- Collaborate with cybersecurity engineers, architects, and program stakeholders to strengthen enterprise application security
Qualifications:
- Experience supporting application security, secure software development, or DevSecOps initiatives
- Knowledge of secure software development lifecycle (SSDLC) principles and secure coding practices
- Experience performing application security testing, vulnerability analysis, and remediation
- Experience with SAST, DAST, SCA, or similar application security testing methodologies
- Experience supporting CI/CD pipelines and automated security testing
- Knowledge of common application security risks, including the OWASP Top 10
- Familiarity with secure software architecture, threat modeling, and code review practices
- Experience supporting Department of Defense or Federal cybersecurity environments
- Strong analytical, troubleshooting, and problem-solving skills
- Excellent written and verbal communication skills
Desired Skills:
- Top Secret/SCI clearance
- Security+, CISSP, CSSLP, GIAC, CEH, or other DoD 8140-compliant certifications
- Experience supporting DevSecOps environments and cloud-native application security
- Experience with GitLab, Jenkins, Azure DevOps, GitHub, SonarQube, Checkmarx, Fortify, Veracode, or similar security tools
- Experience supporting container security, Kubernetes, Docker, or Infrastructure as Code (IaC) security
- Knowledge of NIST RMF, NIST 800-53, Zero Trust Architecture, and DoD cybersecurity requirements
- Experience supporting enterprise Department of Defense application environments
Employer Information: Razor is an EEO Employer. Razor is an Equal Opportunity Employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic.
Benefits Overview: Razor offers a comprehensive benefits package which may include medical, dental, and vision insurance, paid time off, holidays, 401(k) with company match, professional development opportunities, and other competitive benefits designed to support the health and well-being of our employees.
group id: 91123694