Job Description

Responsibilities

We are seeking a highly skilled and innovative Application Security Engineer to join our team in the greater DMV area, supporting the Army National Guard.

Key Responsibilities

Define application security strategy, standards, and SDLC integration points; champion secure-by-design practices across engineering and DevSecOps teams.
Lead threat modeling and secure architecture reviews for applications, APIs, and microservices.
Design, implement, and manage automated security toolchain: SAST, DAST, SCA, IAST, secrets management, and pipeline gating.
Triage, validate, prioritize, and manage remediation of application vulnerabilities; coordinate remediation with developers, platform, and cloud teams.
Conduct exploit validation, root-cause analysis, and coordinate incident response for application security events.
Establish governance for vulnerability lifecycle, release security validation, and compliance reporting.
Develop security requirements, secure coding guidance, checklists, and developer training materials; deliver briefings to technical and executive audiences.
Evaluate emerging application threats and tools; recommend and pilot defensive technologies and processes.
Produce decision‑grade artifacts: architecture review reports, risk assessments, security test plans, and metrics dashboards.

#ENOCS

Qualifications

Required Qualifications

Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D.
Clearance: TS/SCI (active)
Education / Training / Certification: Candidate must meet ONE of the following:
Master’s or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
Relevant DoD/Military training documented for application security or enterprise cybersecurity roles; OR
Relevant professional certifications or demonstrated equivalent experience (examples: CISSP‑ISSEP, CSSLP, GWAPT, GIAC application security certs).
Experience: Minimum 7 years application security/devsecops experience with at least 5 years in senior roles supporting enterprise or mission-critical systems.
Technical skills: Demonstrated experience with SAST/DAST/SCA/IAST tooling, CI/CD integration, threat modeling, secure architecture reviews, vulnerability lifecycle management, scripting/programming (Python, Java, C#, JavaScript), and cloud-native platforms (AWS/Azure/GCP).
Knowledge: OWASP Top 10, NIST SP 800 series, RMF/DoD policy, and secure coding best practices.

Preferred Qualifications

Certifications: CISSP‑ISSEP preferred; CSSLP, GWAPT, GWEP, or other GIAC application security certifications desirable.
Experience with container security, API security, secrets management, and pipeline gating in automated CI/CD environments.

#ENOCS

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

About Peraton

At Peraton, we're at the forefront of delivering the next big thing every day. We're the partner of choice to help solve some of the world's most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.

How do we do it? By thinking differently. We're not mired in the past. We look at all problems with fresh eyes. We look past the obvious to bring the best talent, tech, and ideas together to completely transform how things get done. So bring your unique ideas, your entrepreneurial spirit, and your drive to succeed and get ready to be part of something bigger. Get ready to do the can't be done.

________

Recruitment fraud is a growing trend where fraudsters have been known to attempt to use our name to trick job seekers with fake employment opportunities. This type of scam is typically carried out through fake job postings, fake websites, or email accounts claiming to be from Peraton. The intent of recruitment fraud is to gain access to your personal information, such as your banking information, credit card number, or social security number.

Please be aware that our careers site can be found at careers.peraton.com and our corporate site can be found at peraton.com.

To learn more about Recruitment fraud and what to expect and not to expect from a Peraton recruiter, please visit: https://careers.peraton.com/recruitment-fraud/

Industry

IT & Software

Company Size

10,000+ employees

Headquarters

Reston, Virginia

Year Founded

2017

Website

peraton.com

Social Media