Santcore Technologies · 22 hours ago
Application Security Engineer
Tysons Corner, VA
Contract
Onsite
Senior Level
5+ years expSantcore Technologies is seeking a Senior Application Security Engineer for a contract engagement with one of our premier regulatory clients in Tysons, VA. This role is responsible for planning, coordinating, and implementing application security practices across the full Software Development Life Cycle (SDLC).
Information Technology & Services
Responsibilities
Perform security assessments and manual penetration testing using tools such as Burp Suite and other proxy-based testing tools
Triage and analyze findings from SAST, DAST, and IAST tools to identify, prioritize, and remediate application security vulnerabilities
Integrate application security controls into CI/CD pipelines to support DevSecOps initiatives
Support vulnerability remediation by working closely with development and engineering teams
Maintain detailed documentation of security findings, remediation plans, and compliance requirements
Develop, interpret, and enforce application security policies, standards, and procedures
Participate in security compliance and assurance activities
Develop and deliver security awareness and technical training for developers and assurance engineers
Evaluate, recommend, and onboard new and emerging application security tools and technologies
Leverage GenAI-based security tools to scale application security reviews and automate code analysis
Evaluate application security capabilities including SAST, DAST, IaC scanning, and secrets detection tools
Stay current with emerging security threats, vulnerabilities, and countermeasures
Clearly explain common application security issues and remediation guidance to development teams
Perform AWS configuration and security reviews to identify misconfigurations and risks
Qualification
Required
Bachelor's degree in Computer Science, Computer Engineering, or a related technical field
5+ years of experience in Cybersecurity with a strong focus on Application Security
Hands-on experience with SAST, DAST, and IAST tools
Strong understanding of AWS security concepts and configurations
Deep knowledge of OWASP Top 10 vulnerabilities and remediation best practices
Proficiency in at least one programming language: Java, Python, or JavaScript
Experience working with CI/CD tools such as Jenkins and GitLab
Solid background in security engineering, authentication mechanisms, cryptography, and application security
Experience performing application-level and infrastructure-level vulnerability testing and audits
Ability to consistently implement and validate security solutions across environments
Preferred
Software development background
Familiarity with GenAI-based security tools
Industry certifications such as: GWAPT, OSWE, Burp Suite Certified Practitioner
Company
Santcore Technologies
Santcore Technologies is a multidisciplinary IT consulting and solutions firm specializing in cybersecurity, GRC, cloud architecture, application security, digital transformation, and enterprise technology staffing.
11-50 employees
H1B Sponsorship
Santcore Technologies has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (4)
2024 (2)
2023 (1)
Funding
Current Stage
Early StageCompany data provided by crunchbase