Web Developer Security Engineer
Back to Jobs
MicroTechGet Smart Job AI Coach in the appFree on iOS and Android 






Web Developer Security Engineer
Location
Washington, DC, US
Experience
Mid
Posted
Jul 10, 2026
Apply by
July 7, 2027
Applicants
0
Early applicantEasy applyFull-timeWork from Office
Job Description
## Overview
The Web Developer Security Engineer is responsible for securing mission-critical web applications, APIs, and supporting cloud services by integrating security throughout the Software Development Lifecycle (SDLC). This position provides application security engineering, vulnerability management, security monitoring, DevSecOps integration, compliance support, and incident response capabilities to ensure applications are resilient against evolving cyber threats. The Web Developer Security Engineer serves as a technical advisor to development teams, helping design, implement, and validate secure web application architectures while supporting federal cybersecurity compliance requirements.
## Responsibilities
Application Security Engineering
- Identify, assess, and remediate web application vulnerabilities, insecure dependencies, configuration weaknesses, and application logic flaws.
- Support the implementation of secure coding practices, application security controls, encryption standards, authentication mechanisms, and secure API integrations.
- Evaluate and recommend security controls for web applications, APIs, mobile-enabled applications, and supporting services.
- Ensure applications align with OWASP Top 10 guidance, secure coding standards, and industry best practices.
DevSecOps, Monitoring & Incident Response
- Integrate security controls into CI/CD pipelines and support automated security testing throughout the software development lifecycle.
- Develop and maintain automation scripts to support security monitoring, threat intelligence integration, compliance validation, and vulnerability management activities.
- Configure and maintain Web Application Firewalls (WAFs), File Integrity Monitoring (FIM) solutions, and other security monitoring capabilities.
- Support incident response activities by investigating security alerts, validating findings, documenting remediation efforts, and recommending security improvements.
- Provide Tier II security engineering support for complex application security issues and escalations.
Compliance, Governance & Security Operations
- Support compliance with federal cybersecurity frameworks, including NIST SP 800-53, FISMA, and FedRAMP requirements.
- Participate in audits, security assessments, authorization activities, and risk management processes.
- Develop security metrics, compliance reporting, and documentation supporting audit readiness and governance requirements.
- Conduct risk assessments and provide remediation guidance for web applications and supporting infrastructure.
- Collaborate with developers, infrastructure teams, cybersecurity personnel, and stakeholders to improve application security posture and operational resilience.
## Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field.
- Minimum three (3) years of experience in Web Application Security, Application Security Engineering (AppSec), or Secure Software Development Lifecycle (SSDLC) activities.
- Experience with secure software development, DevSecOps automation, vulnerability remediation, and application security testing.
- Proficiency with modern web development technologies including .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, and SQL.
- Experience with scripting and automation using Python, JavaScript/Node.js, TypeScript, Java, React.js, or similar technologies.
- Experience configuring and managing Web Application Firewalls (WAF), File Integrity Monitoring (FIM), and security monitoring solutions.
- Familiarity with security tools such as SIEM, IDS/IPS, EDR, NDR, Wireshark, and vulnerability assessment platforms.
- Strong understanding of OWASP Top 10, secure coding standards, threat modeling, risk assessment, and vulnerability management.
- Strong analytical, troubleshooting, communication, and documentation skills.
Preferred Qualifications
- Experience supporting federal cybersecurity authorization and compliance processes.
- Experience with NIST SP 800-53, FISMA, FedRAMP, and risk management frameworks.
- Experience implementing advanced DevSecOps practices and CI/CD security automation.
- Knowledge of AWS cloud security, container security, Docker, and Kubernetes.
- Experience designing resilient security architectures and conducting threat modeling exercises.
Preferred Certifications
Candidate must have all of the following:
- CSSLP (Certified Secure Software Lifecycle Professional)
- GWEB (GIAC Web Application Defender)
- CASE (Certified Application Security Engineer)
- OSWE (Offensive Security Web Expert)
- OSCP (Offensive Security Certified Professional)
- Security+
- GSEC
Security Requirements
- Ability to meet all government personnel security and access requirements associated with the program.
Key Responsibilities
- Identify, assess, and remediate web application vulnerabilities and insecure dependencies.
- Support implementation of secure coding practices, encryption standards, and secure API integrations.
- Integrate security controls into CI/CD pipelines and support automated security testing.
- Develop automation scripts for security monitoring, threat intelligence, and compliance validation.
- Configure and maintain Web Application Firewalls (WAFs) and File Integrity Monitoring (FIM) solutions.
- Support incident response by investigating security alerts and documenting remediation efforts.
- Support compliance with federal cybersecurity frameworks including NIST SP 800-53, FISMA, and FedRAMP.
- Participate in audits, security assessments, and risk management processes.
Requirements
- Bachelor’s degree in Computer Science
- Cybersecurity
- Information Systems
- Engineering
- or a related field
Skills Required
.NETC# MVCWCFHTML5CSS3JavaScriptREST APIsSQLPythonNode.jsTypeScriptJavaReact.jsWeb Application FirewallsFile Integrity MonitoringSIEMIDS/IPSEDRNDRWiresharkOWASP Top 10Secure Coding StandardsThreat ModelingVulnerability ManagementAnalytical skillsTroubleshootingCommunicationDocumentationAWSDockerKubernetesContainer Security
App exclusive · Free
Smart Job AI Coach
Your personal interview coach on every job — readiness tips, profile improvements, and role-specific prep. Available only in the Pulse Job app.
Interview readiness
See how prepared you are and what to improve for each role.
Personalized tips
Actionable suggestions based on your profile and the job.
After you apply
Keep coaching momentum from job detail through application success.
Similar roles for you
Matched using this role's title and skills. Open the job search anytime to see every listing.

Web Developer Security Engineer
DMI
Full-timeEasy applyWork from Home
RemoteMid

Web Developer / Application Security (AppSec) Engineer
Assyst
Full-timeEasy applyWork from Office
Washington DCMid

Full Stack Developer (3–11+ Years Experience)
Datamatics Technologies
Full-timeWork from Office
RiyadhMid

Full Stack Developer (3–11+ Years Experience)
Datamatics Technologies
Full-timeWork from Office
BengaluruMid

Full Stack Developer (3–11 Years Experience)
Datamatics Technologies
Full-timeWork from Office
KarachiMid

Back End Developer
Datamatics Technologies
Full-timeWork from Office
KarachiMid