Senior Application Security Architect

Job title: Senior Application Security Architect

Company: Leidos

Job description: As the largest provider of IT services, Leidos develops and sustains large data and technology infrastructures and integrates complex law enforcement IT system for several US federal agencies. At Leidos we offer engaging careers, a collaborative culture, and support for your career goals and growth. This role would be serving a federal law enforcement agency in Clarksburg, WV with remote work possible.We are seeking a talented and experienced Senior Application Security Architect on our team. The ideal candidate will be responsible for designing and implementing secure application architectures within an enterprise environment, encompassing cross-platform technologies, integrating security into CI/CD systems, ensuring compliance with security standards including NIST and OWASP, and leveraging experience in REST, Python, Perl, JAVA, and PowerShell. This role will be part of a strategic application security team which is part of a larger team that is responsible for defining and enforcing the organization’s secure application development lifecycle.Primary Responsibilities:Design and implement secure application architectures across various enterprise environments and cross-platform technologies.Integrate security into CI/CD pipelines, automating security testing and code analysis processes.Conduct security architecture reviews of existing and new applications, identifying potential vulnerabilities and weaknesses.Provide security guidance and best practices to development teams throughout the Software Development Life Cycle (SDLC).Perform threat modeling to identify potential attack vectors and prioritize security efforts.Define security requirements for applications and APIs, ensuring compliance with NIST, OWASP, and other relevant security standards.Review code (in languages like Python, Perl, JAVA) for security vulnerabilities and provide remediation guidance.Configure and utilize application security testing tools (SAST, DAST, etc.) to automate vulnerability detection.Collaborate with infrastructure and operations teams to ensure secure deployment and configuration of applications.Develop and maintain secure coding guidelines and best practices for developers.Evaluate and recommend new security technologies and tools to enhance application security.Stay up-to-date with the latest application security threats, vulnerabilities, and mitigation techniques.Mentor and train developers on secure coding practices and application security principles.Document security architectures, designs, and standards.Participate in security incident response and provide guidance on application-related security issues.Basic Qualifications:Bachelor’s Degree in Software Engineering, Computer Science, Information SystemsManagement, Cyber Security or other related discipline, or equivalent experience; additional years of experience may be considered in lieu of a degree6+ years of prior relevant experienceCertified Web Application Penetration Tester (CWAPT) or Certified Application Security Specialist (CASS) requiredPrevious System Administration, Developer, and Web services experience in an Enterprise Environment utilizing cross platform technologiesDemonstrated knowledge of networking and virtualization technology, such as OpenStack, RHEV, etcExperience with Continuous Integration/Continuous Deployment (CI/CD) systems in line with configuration management and Secure SDLC best practicesExperience in information system compliance with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA and SANS InstituteDocumented experience in REST, Python, Perl, JAVA and PowerShellAbility to research and learn both independently and as part of a teamMust have reliable internet accessMust be a US Citizen to applyDOD Top Secret Clearance is requiredPreferred Qualifications:Master’s Degree preferred4+ years of prior relevant experience with a Master’s degreeDocumented experience is preferred in as many of the following programming languages, web services, and applicable software stacks as possible: SOAP, Apache Struts, Websockets, Java Message Queue, RPC over HTTP, WIA (Windows, IIS, ASP.NET), C, C++, C#, Node.js, JavaScript, Pega, Groovy, LAMP (Linux, Apache, MySQL, PHP), AMP (Apache, MySQL, PHP), JOLT (Java, Oracle, Linux, Tomcat), and LAMJ (Linux, Apache, MySQL, JSP Servlets).Experience with Cloud Service Providers (CSPs), AWS and Microsoft AzureA minimum of 6 years of experience managing and understanding cloud based infrastructuresOriginal Posting: May 20, 2025For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range: Pay Range $104,650.00 – $189,175.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Expected salary: $104650 – 189175 per year

Location: Clarksburg, WV

Job date: Thu, 22 May 2025 02:32:03 GMT

Apply for the job now!