
Security Specialist/Application Security Lead

Job in Baltimore, Anne Arundel County, Maryland, 21276, USA
Listing for: Zantech
Full Time position
Listed on 2026-06-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
Position: Security Specialist / Application Security Lead

Zantech is seeking a Security Specialist / Application Security Lead for a Hybrid role based out of Camp Springs, MD. The role provides expert application security leadership, ensuring secure software delivery through integrated security controls, vulnerability management, and Zero Trust architecture implementation. It leads Security Engineers and Security Champions in embedding security throughout the software development lifecycle and collaborates with the DevSecOps Lead to implement automated security testing in CI/CD pipelines.

Responsibilities
  • Application Security Strategy & Architecture
    • Establish and maintain application security standards and best practices for USCIS OIT
    • Define security controls and gates for integration within CI/CD pipelines
    • Design Zero Trust architecture implementations covering identity, workload, network, and data protection
  • Security Integration in CI/CD Pipelines
    • Lead integration of SAST and DAST tools
    • Implement container security scanning and vulnerability management (Aqua Security, Snyk)
    • Establish Infrastructure as Code (IaC) security scanning and policy enforcement
    • Integrate secrets management (HashiCorp Vault) and secure credential handling
  • Vulnerability Management & Threat Assessment
    • Identify threats and measure potential vulnerabilities in systems, applications, and services
    • Conduct security assessments and coordinate penetration testing
    • Track vulnerability remediation SLAs and metrics
  • Zero Trust Architecture Implementation
    • Implement Zero Trust principles across the Applications and Workloads realm
    • Design and validate identity-based access controls (Okta, AWS IAM)
    • Establish micro-segmentation and workload isolation patterns
  • Policy-as-Code & Compliance Automation
    • Implement policy-as-code using Open Policy Agent (OPA)
    • Automate enforcement of security and compliance controls
    • Support ATO/Continuous Authorization processes with automated security control validation
Required Experience or Knowledge
  • Minimum 10 years of IT engineering experience
  • Minimum 5 years in DevSecOps, DevOps, or Platform Engineering roles
  • Minimum 3 years of federal government experience, preferably DHS or civilian agencies
  • Demonstrated experience designing and implementing enterprise CI/CD solutions
  • Experience with cloud-native application development and deployment
  • Track record of successful DevSecOps transformations in complex enterprise environments
Technical Skills (Required)
  • Expert-level knowledge of CI/CD tools (Jenkins, GitLab CI/CD, GitHub Actions, or similar)
  • Deep expertise with container orchestration platforms (Kubernetes, OpenShift, EKS, ECS)
  • Advanced proficiency with Infrastructure-as-Code tools (Terraform, CloudFormation, Ansible)
  • Strong scripting abilities (Python, Bash, PowerShell, Go)
  • Extensive experience with AWS cloud services (EC2, S3, Lambda, RDS, VPC, IAM, etc.)
  • Expert knowledge of Git workflows and version control strategies
  • Proficiency with security scanning tools (SonarQube, Veracode, Checkmarx, Twistlock, Aqua)
  • Experience with monitoring and observability tools (Prometheus, Grafana, ELK Stack, Datadog, Splunk)
Technical Skills (Highly Desired)
  • Experience with service mesh technologies (Istio, Linkerd)
  • Knowledge of policy-as-code tools (OPA, Kyverno, Sentinel)
  • Familiarity with Backstage.io (especially relevant for USCIS Backstage)
  • Experience with API gateway and management solutions
  • Knowledge of secrets management tools (Vault, AWS Secrets Manager)
  • Understanding of software bill of materials (SBOM) and supply chain security
Technical Skills
  • Expert: SAST/DAST tools (Checkmarx, Fortify, SonarQube, Burp Suite, OWASP ZAP)
  • Expert: Container scanning (Aqua Security, Snyk, Twistlock)
  • Expert: AWS Security services (Security Hub, GuardDuty, Config, IAM)
  • Proficient: Open Policy Agent, HashiCorp Vault, Okta
  • Proficient: Kubernetes security, Zero Trust architecture
  • Knowledge: NIST 800-53, OWASP Top 10, FedRAMP
Federal & DHS‑Specific Knowledge
  • Understanding of Zero Trust Architecture principles and implementation
  • Knowledge of FedRAMP, FISMA, and NIST frameworks (800‑53, 800‑171)
  • Familiarity with DHS security requirements and authorization processes
  • Understanding of Section 508 compliance requirements
  • Experience with…