Take2 Consulting, LLC · 7 hours ago
Application Security Engineer (Secret Clearance)
Take2 Consulting, LLC is seeking an Application Security Tooling Administrator to enhance a defense agency’s application security scanning ecosystem throughout the software development life cycle. The role involves operating various application security tools and ensuring scalable security controls in regulated environments.
Responsibilities
Help design, operate, and continuously improve a defense agency’s application security (AppSec) scanning ecosystem across the software development life cycle (SDLC)
Run and integrate software composition analysis (SCA) with Sonatype, static application security testing (SAST) with Fortify, container/Kubernetes security with Red Hat Advanced Cluster Security (StackRox), and dynamic application security testing (DAST) with Burp Suite
Ensure scalable, auditable, mission-ready security controls in regulated environments
Qualifications
Required
Active Secret clearance required
Experience in application security engineering and/or DevSecOps in regulated environments
Hands-on administration and pipeline integration experience with Sonatype (Nexus IQ/Lifecycle), Fortify (SCA/SSC), StackRox/Red Hat ACS, and Burp Suite (Professional/Enterprise preferred)
Strong CI/CD and automation skills; ability to implement repeatable integrations and policy gates
Working knowledge of: Secure SDLC, OWASP Top 10, dependency risk, SBOM concepts, container/Kubernetes security
Linux administration, networking fundamentals, TLS/cert management, identity integration (SSO/LDAP)
Common languages/build systems (e.g., Java/Maven/Gradle, .NET/NuGet, Node/npm, Python/pip)
Oracle Cloud Infrastructure
Preferred
Familiarity with registries and orchestration: Harbor/Artifactory/ECR, Kubernetes/OpenShift, Helm
DoD/IC experience with RMF, STIGs, and vulnerability management processes
Experience integrating with SIEM/SOAR and ticketing (e.g., Splunk, ServiceNow, Jira)
Relevant certifications (one or more): Security+, CISSP, CSSLP, GIAC, Kubernetes security certs