Description:

phia is seeking an Application Security Engineer with hands-on experience using Veracode for application security testing and vulnerability management.
The ideal applicant should be proficient in utilizing Veracode's static and dynamic analysis tools and interpreting scan results, and able to provide clear and actionable remediation guidance.
This individual will work with the Federal client to maintain a resilient security posture for highly visible applications.
This position allows you to work remotely from anywhere within the United States.
U.S. citizenship is required, and the candidate must be able to obtain Public Trust approval.
Responsibilities include collaborating with the federal client and application teams, leading proactive security discussions, conducting comprehensive application security assessments, performing threat modeling, executing application penetration testing, implementing OWASP frameworks, developing security controls, providing expert guidance on remediation, and staying current with evolving security threats and compliance standards.

Requirements:

Veracode experience is a must.
A minimum of 6 years of Information Technology experience is required.
At least 3 years of experience supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode.
A minimum of 2 years of experience with Java, Python, .NET, or C# is required.
At least 3 years of experience with Burp Suite is necessary.
A minimum of 3 years of experience in designing and implementing enterprise-wide security controls to secure applications, systems, networks, or infrastructure services is required.
Experience with Eclipse, JDeveloper, or Visual Studio is necessary.
Experience with securing enterprise web applications and knowledge of OWASP Top 10, CVSS, CWE, WASC, and SANS-25 is required.
Knowledge of federal compliance standards, including NIST 800-53, FIPS, or FedRAMP is necessary.
Familiarity with Linux or UNIX environments, including navigating and troubleshooting basic website connectivity issues is required.
The candidate must have the ability to obtain a security clearance.
A high school diploma or GED is required.
U.S. citizenship and the ability to obtain a Public Trust clearance are mandatory.

Comprehensive medical insurance, including dental and vision, is provided.
Short Term and Long-Term Disability benefits are available.
A 401k Retirement Savings Plan with Company Match is offered.
Tuition and Professional Development Assistance are provided to support career growth.
Flex Spending Accounts (FSA) are available for eligible employees.