HHS - Application Security Engineer jobs in United States

cFocus Software Incorporated · 1 day ago

HHS - Application Security Engineer

cFocus Software seeks an Application Security Engineer to join their program supporting the Department of Health and Human Services (HHS). This role involves conducting application security assessments, providing remediation guidance, and integrating automated security testing within CI/CD pipelines.

Chatbot, Government, Information Technology, Software
Growth Opportunities
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Conduct application security assessments including SAST, DAST, SCA, SBOM analysis, and secure code reviews
Analyze vulnerability scan results and determine applicability, severity, and business risk
Provide remediation guidance to developers based on secure coding standards (OWASP, NIST, HHS guidance)
Support integration of automated security testing within CI/CD pipelines
Perform API security testing including authentication, authorization, and endpoint validation
Validate remediation through follow-up testing and evidence review
Support penetration testing activities related to application and web services
Maintain application security documentation, reports, and dashboards
Support zero-day and KEV-based vulnerability response activities
Coordinate with ISSOs, system owners, and developers to ensure vulnerabilities are tracked and remediated within SLA

Qualifications

Application Security, SAST/DAST tools, DevSecOps, OWASP Top 10, Federal security standards, Security certifications, Communication skills

Required

Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or related field
5+ years of experience in application security or secure software development
Hands-on experience with SAST/DAST tools, dependency scanning, and code review
Knowledge of OWASP Top 10, secure coding practices, and vulnerability remediation
Experience supporting DevSecOps and CI/CD security integration
Familiarity with federal security standards (NIST SP 800-53, RMF, FISMA)
Strong written and verbal communication skills
Ability to obtain a Public Trust clearance

Preferred

CSSLP, GWAPT, CEH, or equivalent
AWS/Azure security certifications

Company

cFocus Software Incorporated

cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

Funding

Current Stage
Early Stage

Leadership Team

Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
Company data provided by crunchbase