Application Security Architect & Engineer ; Richmond, VA - Remote/ Hybrid -W2 role

Remote Full-time
Title: Application Security Architect & Engineer

Location: Richmond, VA - Remote/ Hybrid

Duration: 6 months (Contract-to-Hire).

About The Role

Virginia Tax is seeking an Application Security Engineer (ASE) with 5+ years of experience to join the Office of Technology under Joint Security Operations. In this role, the ASE serves as a dedicated security partner to application teams, providing guidance on secure design, vulnerability management, and secure development practices. The ASE works collaboratively across the SDLC to ensure security is embedded into application design, development, testing, and deployment. This includes supporting compliance requirements, delivering training and education, and assisting teams with vulnerability remediation efforts.

The successful candidate will identify and recommend improvements to improve the security of all Virginia Tax applications, promote secure coding and development practices, and contribute to ongoing initiatives that reduce risk and strengthen the agency's overall security posture.

Responsibilities Include But Not Limited To

Provide security guidance, training, and best practices for development and operations teams.

Support secure software development by applying knowledge of SDLC, Agile, and Scrum methodologies.

Evaluate software architecture and design for security risks and alignment with DevSecOps principles.

Promote and enforce secure coding standards and guidelines.

Review source code to identify vulnerabilities and recommend remediation strategies.

Assess security risks across multiple programming languages (e.g., JavaScript, C#, Java, Ruby, SQL).

Analyze and secure modern web application architectures, including cloud, APIs, microservices, and client server models.

Identify and address common vulnerabilities, including those outlined in the OWASP Top 10.

Support vulnerability remediation, patch management, and continuous improvement efforts.

Utilize application security testing tools such as SAST, DAST, IAST, and platforms like Accunetix, Veracode, Jenkins, Splunk, Rapid7, and Tenable.

Interpret and act on findings from SIEM systems, including Splunk.

Apply knowledge of common security controls and frameworks.

Ensure compliance with relevant security regulations and standards (e.g., NIST 800 53, IRS Pub 1075, PCI DSS).

Implement and evaluate AWS cloud security controls and best practices.

Create, maintain, and review System Security Plans (SSPs).

Troubleshoot and resolve complex technical and security-related issues.

Stay current with evolving threats, technologies, and industry trends.

Develop detailed plans and communicate risks, impacts, and recommendations effectively.

Collaborate with application teams, QA engineers, and operations teams to integrate security into workflows.

Provide constructive, actionable feedback to application teams.

Communicate technical concepts clearly to both technical and non technical audiences.

Work closely with other security analysts and technology teams to support agency and enterprise security initiatives.

Manage multiple tasks, prioritize effectively, and meet deadlines.

Apply critical thinking to evaluate and mitigate security risks and vulnerabilities.

Required Skills/Experience

Five or more years' experience in application security.

Two or more years' network or firewall/AWS Security Groups.

Experience with log collection, vulnerability scans and remediation, or privileged access management.

Strong understanding of security concepts, network protocols, and threat vectors.

Proficiency in SIEM, IDS/IPS, EDR, and other relevant security tools.

Excellent analytical and problem-solving skills.

Strong communication, collaboration, and documentation skills.

Ability to work independently and as part of a team in a fast-paced environment.

Have Experience And a Strong Knowledge Of The Following

Splunk, Insigh tVM Rapid7, Tenable, CyberArk, Jenkins, Veracode

Linux and Windows Operating Systems, Baseline hardening of operating systems

IIS and Apache, Scripting Languages and SQL, PowerShell, Firewall

At Least One Of These Certs Below Is REQUIRED

CompTIA Security+

ISC2 CC (Certified in Cybersecurity)

Offensive Security Certified Professional (OSCP)

CCSP (Certified Cloud Security Professional)

CSSLP (Certified Secure Software Lifecycle Professional)

At least one of these certs below is highly DESIRED (Independently and or with one of the above)

AWS Solutions Architect (Associate/Professional)

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

VP, Innovation Lab

Remote

Director, Corporate Reputation

Remote

Sales Representative Full-Time (2PM-10PM Evening Shift)

Remote

WORK FROM HOME/HOME BASED INSURANCE AGENT

Remote

**Experienced Medical Customer Service Representative – Remote Opportunity for Waco, TX and Surrounding Areas**

Remote

Experienced Remote Customer Support Representative – Delivering Exceptional Service Experiences in a Dynamic Retail Environment at arenaflex

Remote

Experienced Customer Service and Technical Support Representative – Remote Work Opportunity with blithequark

Remote

amazon warehouse associate $15+ / Hour (Sign on Bonus)! – Amazon Store

Remote

American Airlines Careers Work From Home Job Dallas $26/Hour

Remote

Virtual Assistant, Real Estate Ops & Property Management – Remote

Remote
← Back