Sprymethods
Web Developer Security Engineer
Company
Role
Web Developer Security Engineer
Location
US
Job type
Proposal position
Found on Mokaru
🔥Recently
Salary
Job description
What Your Day-To-Day Looks Like (Position Responsibilities): •
Identify , analyze, and remediate critical vulnerabilities, logic flaws, insecure dependencies, and misconfigurations in web applications and APIs.
•
Drive the vulnerability lifecycle through threat modeling, security assessments, and technical validation of remediation actions.
•
Support secure design patterns, data protection mechanisms, and secure communication protocols across applications and supporting services.
•
Review and analyze web server and application logs to detect anomalies and indicators of compromise.
•
Implement automation scripts for threat intelligence integration and application security monitoring.
•
Participate in audits, risk assessments, and security authorization activities tied to federal frameworks.
What You Need to Succeed (Minimum Requirements): •
Minimum of three years of experience in web application security, application security engineering, or secure software development lifecycle work.
•
Hands-on experience in secure software development, DevSecOps automation, and vulnerability remediation.
•
Proven experience with .NET technologies, HTML5, CSS3, JavaScript, representational state transfer (REST) APIs, and structured query language (SQL).
•
Ability to leverage AI-assisted development tools and scripting languages to automate monitoring and compliance efforts.
•
Strong understanding of the Open Worldwide Application Security Project (OWASP) Top 10, secure coding standards, web application firewalls (WAFs), file integrity monitoring, and security testing tools.
•
Ability to perform risk assessments and provide remediation guidance for core systems and dependencies.
•
Bachelor's degree or higher in computer science, cybersecurity, information systems, engineering, or a related field.
•
Ability to meet federal screening and suitability requirements prior to start.
•
Current security certifications maintained for a minimum of five years, spanning application security (such as CSSLP, GWEB, or CASE), offensive security (such as OSWE or OSCP), and foundational security (such as Security+ or GSEC); expired or never-used certifications will not be considered.
Ideally, You Also Have (Preferred Qualifications): •
In-depth experience with federal cybersecurity frameworks and authorization processes.
•
Experience with threat modeling, resilient security architecture, cloud security, and container security.
