Application Security Engineer
Description

Hybrid, 3 days onsite in Tysons Corner, VA

A private, non‑governmental entity that functions as a self‑regulatory organization, responsible for oversight, enforcement, and dispute resolution within the securities industry, following the consolidation of earlier regulatory organizations. The organization is currently seeking an Application Security Engineer to support its technology and security initiatives.

We can facilitate w2 and corp-to-corp consultants. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $70.00 to $80.00/hr. w2

Responsibilities

Perform security assessments and manual application penetration testing using Burp Suite and related proxy tools.
Triage SAST, DAST, and IAST results to identify, prioritize, and support remediation of vulnerabilities.
Integrate application security controls into CI/CD pipelines to support DevSecOps.
Maintain documentation for findings, remediation plans, and compliance requirements.
Develop and interpret security policies and procedures and participate in compliance efforts.
Develop and deliver general security awareness and technology‑specific training for developers and assurance engineers.
Evaluate and recommend emerging security products and technologies.
Leverage GenAI technologies to scale security reviews and automate code analysis.
Evaluate application security tools and capabilities including SAST, DAST, IaC, and secrets detection.
Monitor and stay current with emerging security threats and countermeasures.
Conduct AWS configuration reviews.

Experience Requirements

5+ years of experience in cybersecurity and application security.
Hands‑on experience with SAST, DAST, and IAST tools.
Proficiency with manual application penetration testing using Burp Suite or similar tools.
Strong knowledge of OWASP Top 10 issues and remediation practices.
Understanding of AWS services and security configurations.
Experience integrating security into CI/CD using tools such as Jenkins and GitLab.
Proficiency in one or more programming languages, with Java, Python, or JavaScript preferred.
Strong background in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
Experience with infrastructure or application‑level vulnerability testing and auditing.
Experience consistently implementing security solutions.
Familiarity with GenAI tools (preferred).
Software development background (preferred).
Certifications such as GWAPT, OSWE, or Burp Suite Certified Practitioner (preferred).

Education Requirements

Bachelor's degree in computer science, computer engineering, or a related technical field.
Certifications such as GWAPT, OSWE, or Burp Suite Certified Practitioner.
AWS‑related certifications (preferred).

