Application Security Engineer

Job Type Full-time Description

Veterans Encouraged to Apply: Detroit Defense proudly supports those who have served. We welcome applicants with military experience, including those transitioning to civilian careers. Your leadership, adaptability, and mission-focused mindset are valued here. Detroit Defense is a 3x recipient of the Hire Vets Gold Medallion Award.

Detroit Defense is seeking an Application Security Engineer with supporting DevSecOps responsibilities. The primary focus of this role is to assess, test, and improve the security of software applications. The secondary focus involves embedding security into the software development pipeline through automation and tooling. The role includes evaluating software for vulnerabilities, gaining expertise in application security, and collaborating with development teams to share best practices. Additionally, the engineer will integrate and manage tools such as source code repositories, build systems, security analysis platforms, issue tracking, and development environments to enhance the organization’s overall security posture.

Essential Duties And Responsibilities:

• Perform application security testing and recommend improvements, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, and Software Composition Analysis (SCA).
• Apply creativity and resourcefulness to proactively assess application, network, and container security using tools such as Nmap, Netcat, Wireshark, Burp Suite, Nikto, SQLMap, container security scanners (e.g., Trivy, Clair), and vulnerability scanners (OpenVAS/Nessus), identifying improvements and additions to security defenses.
• Implement secure software development practices by integrating tools across the pipeline, including repository and issue management (GitLab), source control (Git, SourceTree), static and open-source security analysis (Coverity, Black Duck, CodeSight), secrets management, and modern development environments (VS Code, Visual Studio).
• Collaborate with software development teams to customize pipeline configurations, including build pass/fail criteria, triggers, open-source dependency vulnerability notifications, and build reports.
• Develop and provide security-related tools to developers for use within integrated development environments (IDEs).
• Adapt to a variety of technology environments, including C#, .NET, MAUI Blazor, JavaScript, Python, Vue, Linux, and Windows.
• Create repeatable processes that minimize or eliminate manual input.
• Proficient in Python and command-line scripting.
• Hold a DevOps or DevSecOps certification.
• Hold one or more software security certifications, including (in alphabetical order): CASP+, CEH, CISSP, OSCP, Security+.
• Apply DISA STIGs and OWASP Secure Coding Practices to guide secure software development and system configuration.
• Must be able to obtain a US Secret Security Clearance if required
• A bachelor’s degree from an accredited college or university in an applicable field of study

Requirements

Detroit Defense offers an impressive compensation and benefits package including:

• Medical, Dental & Vision Benefits
• Company Paid Life and AD&D
• Company Paid Short Term and Long-Term Disability
• Flexible Spending & HSA Accounts
• Legal & ID Shield Services
• 401k with Company Match
• Paid holidays, vacation, and sick days

Why Detroit Defense:
At Detroit Defense, we deliver mission-critical solutions that enhance national security, protect the warfighter, and enable readiness through innovation, technical excellence, and end-to-end lifecycle support. 

Remaining steadfast in our core values of Trustworthy, Mission Driven, Creative, and Agile we are a complex systems integrator for the U.S. Government, Detroit Defense provides solutions to meet the technical and programmatic challenges faced by our customers. Our proven success in multi-domain cross-platform system-of-systems integration results in fielded capability for warfighters. From R&D to production, fielding, and sustainment, Detroit Defense provides services and solutions to Empower Those That protect Us.

Detroit Defense is a proud recipient of the 2022, 2023 & 2024 Hire Vets Gold Medallion Award.

Detroit Defense is an Equal Opportunity/Affirmative Action employer. All qualified applicants will be considered without regard to race, color, religion, national origin, sex (including gender identity or gender expression), age, mental or physical disability, creed, ancestry, citizenship, veteran status, marital status, sexual orientation, medical condition, genetic trait or any other characteristic protected by federal, state or local law.