Application Security Specialist

Location: Washington D.C., District of Columbia 20431
Posted: Wed, January 30, 2019
Salary: Up to US$0.0 per hour

Washington, DC (metro accessible)

Under the supervision of the Chief Information Security Officer and the Application Security Lead, the Application Security Specialist will drive the design and adoption of application and operational security controls in compliance with the information security policies and standards. The specialist will assist the Application Security Lead and Information Security Risk Managers in the continuous development of defensible architectures that align with the security architecture principles and information security risk tolerances, and that are resilient against an evolving threat environment. The specialist will bridge the gap between technical requirements and actual implementation guidance.

Designing, implementing and maintaining Secure Applications and Application Security Architectures at organizations with regulatory compliance requirements
Information Risk, IT Security, Vulnerability and Compliance Management
Application Penetration testing
Secure Software Development
Application security development and Application Security architecture training
IT Security in the areas of identity and access management, application security, application layer firewalls, web server security, and database system security
Application Security Process Improvement

Must have hands-on experience in conducting threat modeling, automated/manual penetration testing, and code review
Enterprise security architecture principles, standards and reference architecture
Risk management and control frameworks including ISO 27003, NIST SP 800-53, COSO, COBIT
IT GRC tools
Security architecture principles and models
Identity and access management technologies: RBAC, SSO, cloud SSO, and federation
Authentication and authorization technologies: multifactor, AD, Kerberos, LDAP, fine/coarse-grained authorization, PKI, cryptographic techniques/algorithms
Web services security: SAML, WS-federation, WS-security, SOA, REST, WCF
Threat modeling techniques
Advanced programming
Application security testing tools
Security monitoring: SIEM, ArcSight, advanced correlation logic

Supports the Application Security Lead, Information Security Risk Management, and compliance officers by ensuring applications and solutions are compliant with policies and standards, delivering alignment to the target security posture
Leads ongoing scanning and penetration testing of applications
Guides penetration testers and application vulnerability specialists in conducting assessments
Conducts threat modeling and technical risk assessments, ensures information security risk and control issues are clearly documented, and works with project teams to develop pragmatic risk remediation plans to address issues
Works with solution/enterprise architects, application teams, and project managers to design and implement application security controls
Works with application development teams to drive solutions through their lifecycle, influencing application security architecture, design, testing, road-map development, growth strategies, and business process integration
Advises application teams on secure development practices, including secure coding, security testing, defining scan profiles, and designing and implementing common application security services; designs and improves existing application security tool deployments, including static analysis and runtime testing tools
Provides hands-on guidance and implementation expertise for performing secure code reviews and automated/manual penetration testing of applications

Experis is an Equal Opportunity Employer (EOE/AA)
