Leidos Public Health and Human Services Operation is seeking an Application Security Lead contingent upon contract award.
Candidate MUST:
Be local to the Washington, DC metro area and be able to work onsite as needed; be a US Citizen or US Person (Green Card holder) with the ability to obtain a Public Trust Level 5 clearance.
- Responsible for the management of Secure Development, to include:
- Ensuring security implementation and procedures adhere to Open Web Application Security Project (OWASP) and Computer Emergency Readiness Team (CERT)/Software Engineering Institute (SEI) secure coding best practices for all releases.
- Ensuring that the Kubernetes-based architecture meets or exceeds the current NIST and Cybersecurity and Infrastructure Security Agency (CISA) Kubernetes hardening guidance.
- Ensuring that all systems and security processes integrate with the Continuous Diagnostics and Mitigation (CDM) environment as well as the HHS Enterprise Governance, Risk and Compliance tool(s).
- Performing routine audits to measure adherence to approved software framework design patterns, shared security services and reference platforms.
- Providing application security subject matter expertise to support contractor staff in implementing and supporting security best practices such as validating input, architecting for security, implementing default-deny practices, and adhering to the principle of least privilege in databases, middleware, code, applications and user interfaces.
- Performing manual or automated Static/Dynamic/Interactive Application Security Testing (SAST/DAST/IAST) utilizing Secure Code Analysis (SCA) tools as part of the Secure SDLC while performing all software development, unless otherwise approved by the COR or their designee.
- Identifying, assessing and mitigating the software supply chain threats, warnings and vulnerabilities associated with the development and maintenance of each IT system throughout its lifecycle.
- Remediating all security issues and risks identified using static and dynamic application security testing before any production release, unless otherwise approved by the COR or their designee.
- Providing security recommendations based on the evaluation of business strategies and requirements.
- Participating in the planning, design and development of systems, processes and shared services to ensure consistent application and enforcement of security principles.
Required Education and Experience:
- Bachelor's degree and 8 years of secure agile software development experience on mission-critical federal enterprise systems.
- 5 years of experience in DevSecOps, integrating and automating security practices within the software development process for enterprise software with more than 30 systems in a federal environment.
Original Posting:
April 8, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days, with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range: $104,650.00 - $189,175.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any) or other law.