Ashburn Consulting logo

Senior Security Code Reviewer

Posted about 1 month ago

RemoteCamp Springs, MD, United StatesSE

Job Description

Ashburn is seeking a Senior Security Code Reviewer to support a federal cybersecurity architecture opportunity. This Key Personnel role will lead application security testing, secure code review, DevSecOps pipeline integration, secure development guidance, risk assessments, and cloud/network security evaluation for a proposal opportunity.

Primary Responsibilities

  • Conduct security code reviews and risk assessments for applications and enterprise systems.
  • Use application security testing tools to identify vulnerabilities and provide remediation guidance.
  • Integrate security testing into DevSecOps and CI/CD pipelines.
  • Review application architecture, source code, dependencies, infrastructure-as-code, and deployment practices.
  • Support secure coding standards, developer security training, and technical remediation guidance.
  • Evaluate and improve cloud, network, and enterprise system security.
  • Provide technical writing, reporting, and mentoring to engineering and development teams.
  • Support federal cybersecurity compliance objectives and secure development lifecycle requirements.

Qualifications

Required Qualifications

  • Candidates must be U.S. citizens.
  • Candidates must be willing and able to work as Ashburn W-2 employees. 1099 and corp-to-corp arrangements are not permitted for these roles.
  • DHS EOD / suitability is required.
  • 10+ years of experience automating application security scanning processes, Zero Trust integration, and data sanitization for Government or similarly complex enterprise systems.
  • Experience deploying and using Application Security Testing platforms such as Checkmarx.
  • Experience automating or supporting Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG) solutions.
  • Advanced security engineering experience across on-premises and cloud environments.
  • Experience implementing AWS security best practices, including VPC Flow Logs, Security Lake, and audit monitoring.
  • Experience building EKS clusters using Terraform and Kubernetes.
  • Experience creating custom hardened AMI builds.
  • Experience integrating network security tools such as Palo Alto, AlgoSec, Gigamon, and Corelight.
  • Experience reviewing, evaluating, and improving security of complex systems and networks.
  • Experience with vulnerability management, SIEM integrations, certificate management, single sign-on implementations, and federal regulatory compliance.
  • Demonstrated ability to lead security code reviews and conduct risk assessments.
  • Experience developing OS hardening strategies, evaluating firewall policies, and implementing enterprise infrastructure monitoring solutions.
  • Strong technical writing, training, and mentoring skills.
  • Ability to mentor development teams in secure coding practices and align technical solutions to Government cybersecurity objectives.

Preferred / Strongly Desired Qualifications

  • Experience with Burp Suite, Checkmarx One, PortSwigger, SonarQube, Fortify, SAST, DAST, SCA, API security testing, or IaC scanning.
  • Experience integrating application security testing into CI/CD pipelines.
  • Experience with secure coding practices in Java, Python, JavaScript, C#, Ruby, SQL, React, Node.js, PowerShell, Go, or similar languages.
  • Experience applying OWASP, NIST, DHS, DevSecOps, and secure software lifecycle practices.
  • Secure software certification preferred, such as CSSLP, GIAC secure software credential, EC-Council secure programmer certification, or comparable experience.
  • Prior DHS, DOD / DOW or federal application security experience.

 

Additional Information

PHYSICAL REQUIREMENTS:
Work is equally performed in the field as well as in a normal office environment. Lifting (up to 50lbs) may be required. Ladder climbing may be required. Driving is required. All duties performed with or without reasonable accommodations.

Additional Information

Equal Opportunity Employer/Veterans/Disabled. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting, please e-mail [email protected].”

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting, please e-mail [email protected].”

 

Job details
Workplace
Remote
Location
Camp Springs, MD, United States
Experience
SE
Ashburn Consulting logo
Ashburn Consulting
View company page

Ashburn Consulting LLC provides IT support cyber security services for technology infrastructure, enhance cyber security, data Center/Cloud solutions and ensure smooth operations.

Employees
40
Industry
IT Services and IT Consulting
Headquarters
Leesburg, VA
Founded
2002
Company location
-, Leesburg, VA 20176, US
Specialties
Network Engineering, Security Engineering, Data Center, Wireless, Video Distribution, Public Safety, Custom Situation Awareness Solutions, Cyber Security, Colocation Assistance, and Technology Consultants

Key team members

Francis Bustamante

Francis Bustamante

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups