What are the responsibilities and job description for the Web Developer / Application Security (AppSec) Engineer position at ASSYST?
We are seeking a Web Developer / Application Security (AppSec) Engineer with expertise in secure software development and application security. The ideal candidate will have experience implementing Secure SDLC (SSDLC), DevSecOps automation, vulnerability remediation, and protecting web applications against the OWASP Top 10.
Responsibilities
Responsibilities
- Secure web applications and REST APIs through SSDLC and DevSecOps practices, perform application security testing, remediate vulnerabilities, analyze security logs, and implement Web Application Firewall (WAF) and file integrity monitoring.
- Develop and support applications using REST APIs, SQL, .NET/C#, JavaScript, Python, Node.js, React, and TypeScript, while leveraging security tools including SIEM, IDS/IPS, EDR/NDR, and Wireshark.
- Experience with federal cybersecurity frameworks, including NIST, FISMA, and FedRAMP.
- U.S. Citizenship is required due to the nature of the work performed in support of a federal agency.
- Certifications such as CSSLP, GWEB, CASE, OSWE, OSCP, Security , GSEC, or equivalent. Strong Application Security and offensive security certifications are highly desirable.