At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients. phia is seeking an Application Security Engineer to collaborate with a Federal client and thier key stakeholders in maintaining a robust security posture. This remote position offers the flexibility to work from home anywhere within the United States. U.S. citizenship is required with the ability to obtain public trust status. As a member of the Application Security Team, you will tackle complex security challenges, and develop innovative solutions, while having a meaningful impact on national security. If you are passionate about problem-solving, driven by innovation, and eager to contribute to the nation's cybersecurity efforts, we invite you to explore this opportunity.
\n What You'll DoRemediate application security flaws in conjunction with the application security team.Lead security discussions with the application teams to prescribe security best practices within their development lifecycle.Perform dynamic and static application performance testing, perform security requirements creation or generation level threat modeling leveraging tools, including SD elements, and perform application level testing using applications such as Burp Suite. Work with the latest OWASP frameworks. Required: Education + Experience Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field. Additional years of experience may be substituted for a degree. 3+ years of experience with Java, Python, .NET, or C#3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, network, or infrastructure servicesExperience with Eclipse, Visual Studio, or JDeveloper, including pipeline developmentExperience with setting up SAML authenticationAbility to write Amazon CloudFormation Templates (CFT)Ability to manage MySQL databasesAbility to troubleshoot Linux Nftables and IPTables at the command line Desired Certifications (one or more) Secuirity+AWS Certified Solutions Architect or Developer Certification (AWS)Cisco Certified Network Associate (CCNA)Microsoft Certified Solutions Expert (MCSE)Red Hat Certified System Administrator (RHCSA)EC-Council Certified Security Specialist (ECSS) Bonus points if you have: Experience with one or more of the following technologies: Networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Redhat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen MobileExperience with designing, building, and implementing automation tools, including Ansible, Chef, or PuppetExperience with Infrastructure as Code tools, including Cloud Formations or TerraformExperience with container platforms, including OpenShiftExperience with chaos engineering and blue or green deploymentsExperience with Serverless, including Lambda, API Gateway, Step Functions, and SAMExperience with application performance analysis and monitoring, including ELKExperience with an Agile release methodologyExperience with securing cloud-based systemsKnowledge of NIST 800 Series Instruction/CNSS Directives/Information Assurance regulationsKnowledge of SDN/SDP and hybrid architecturesAbility to describe the differences between, and develop, various TIC 3.0 documentationAbility to communicate complex and technical concepts clearlyAbility to compellingly justify security architecture decisions and direction to align others to a common vision Security Clearance U.S. Citizenship requiredApplicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Public Trust determination is required
\n#LI-LC1
Who You Are A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment. Intellectually curious with a genuine desire to learn and advance your career. An effective communicator, both verbally and in writing. Customer service-oriented and mission-focused. Critical thinker with excellent problem-solving skills If your experience and qualifications aren't a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit. Who We Are phia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities. phia values work-life balance and offers the following benefits to full-time employees: Comprehensive medical insurance to include dental and vision Short Term & Long-Term Disability 401k Retirement Savings Plan with Company Match Tuition and Professional Development Assistance Flex Spending Accounts (FSA) phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.