← All verified jobs

Web Developer / Application Security (AppSec) Engineer

assyst Washington DC

See all open roles at assyst

Ghost-risk verdict

Likely real

  • 589 open roles at this company in 30 days (mass-hiring blitz)
  • no salary disclosed (correlates with ghost postings)

How we score ghost risk →

See your fit for this role and apply with a truthfully tailored résumé.

See my fit, free

About the role

We are seeking a Web Developer / Application Security (AppSec) Engineer with expertise in secure software development and application security. The ideal candidate will have experience implementing Secure SDLC (SSDLC), DevSecOps automation, vulnerability remediation, and protecting web applications against the OWASP Top 10.

Responsibilities

Secure web applications and REST APIs through SSDLC and DevSecOps practices, perform application security testing, remediate vulnerabilities, analyze security logs, and implement Web Application Firewall (WAF) and file integrity monitoring.

Develop and support applications using REST APIs, SQL, .NET/C#, JavaScript, Python, Node.js, React, and TypeScript, while leveraging security tools including SIEM, IDS/IPS, EDR/NDR, and Wireshark.

Preferred Qualifications

Experience with federal cybersecurity frameworks, including NIST, FISMA, and FedRAMP.

U.S. Citizenship is required due to the nature of the work performed in support of a federal agency.

Certifications such as CSSLP, GWEB, CASE, OSWE, OSCP, Security+, GSEC, or equivalent. Strong Application Security and offensive security certifications are highly desirable.

ASSYST is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law

Stop applying to ghosts.

OyaPilot surfaces only verified, real jobs, scores your fit, and tailors your application truthfully.