Application Security Engineer

peraton· Cyber Security
Apply Now ↗
📍 Herndon, VA, USFULL TIME

About this role

Responsibilities

We are seeking a highly skilled and innovative Application Security Engineer to join our team in the greater DMV area, supporting the Army National Guard.

 

Key Responsibilities

  • Define application security strategy, standards, and SDLC integration points; champion secure-by-design practices across engineering and DevSecOps teams.
  • Lead threat modeling and secure architecture reviews for applications, APIs, and microservices.
  • Design, implement, and manage automated security toolchain: SAST, DAST, SCA, IAST, secrets management, and pipeline gating.
  • Triage, validate, prioritize, and manage remediation of application vulnerabilities; coordinate remediation with developers, platform, and cloud teams.
  • Conduct exploit validation, root-cause analysis, and coordinate incident response for application security events.
  • Establish governance for vulnerability lifecycle, release security validation, and compliance reporting.
  • Develop security requirements, secure coding guidance, checklists, and developer training materials; deliver briefings to technical and executive audiences.
  • Evaluate emerging application threats and tools; recommend and pilot defensive technologies and processes.
  • Produce decision‑grade artifacts: architecture review reports, risk assessments, security test plans, and metrics dashboards.

#ENOCS

Qualifications

Required Qualifications

  • Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D.
  • Clearance: TS/SCI (active)
  • Education / Training / Certification: Candidate must meet ONE of the following:
  • Master’s or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
  • Relevant DoD/Military training documented for application security or enterprise cybersecurity roles; OR
  • Relevant professional certifications or demonstrated equivalent experience (examples: CISSP‑ISSEP, CSSLP, GWAPT, GIAC application security certs).
  • Experience: Minimum 7 years application security/devsecops experience with at least 5 years in senior roles supporting enterprise or mission-critical systems.
  • Technical skills: Demonstrated experience with SAST/DAST/SCA/IAST tooling, CI/CD integration, threat modeling, secure architecture reviews, vulnerability lifecycle management, scripting/programming (Python, Java, C#, JavaScript), and cloud-native platforms (AWS/Azure/GCP).
  • Knowledge: OWASP Top 10, NIST SP 800 series, RMF/DoD policy, and secure coding best practices.

Preferred Qualifications

  • Certifications: CISSP‑ISSEP preferred; CSSLP, GWAPT, GWEP, or other GIAC application security certifications desirable.
  • Experience with container security, API security, secrets management, and pipeline gating in automated CI/CD environments.

#ENOCS

 

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Frequently Asked Questions

Is the salary disclosed for the Application Security Engineer position at peraton?
The salary for this Application Security Engineer role at peraton is not publicly listed. Click "Apply Now" to learn more about the compensation package on their official careers page.
Where is the Application Security Engineer position at peraton located?
This Application Security Engineer role at peraton is based in Herndon, VA, US. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Is the Application Security Engineer role at peraton full-time or part-time?
This is listed as a FULL TIME position. It is posted as a Application Security Engineer role in the Cyber Security department at peraton.
Which team or department does the Application Security Engineer at peraton belong to?
This Application Security Engineer position is part of the Cyber Security department at peraton. See the full job description for more information about the team structure and responsibilities.
How do I apply for the Application Security Engineer position at peraton?
Click the "Apply Now" button on this page. You will be redirected to peraton's official application portal hosted on icims where you can submit your application directly.
When was the Application Security Engineer job at peraton posted?
This Application Security Engineer position at peraton was posted on Mar 24, 2026. Apply as soon as possible — early applications are often reviewed first.
Application Security Engineer
peraton
Apply for this role ↗

You'll be redirected to peraton's official application page on icims.