Web Developer Security Engineer
Quick Summary
Identify, analyze, and remediate critical vulnerabilities, logic flaws, insecure dependencies, and misconfigurations in web applications and APIs Drive end-to-end vulnerability lifecycle management,
Bachelor's degree or higher in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field Minimum 3 years of experience in Web Application Security,
DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, DMI supports public sector agencies and commercial enterprises around the globe. Recognized as a Top Workplace, DMI is committed to delivering secure, efficient, and cost-effective solutions that drive measurable results. Learn more at www.dminc.com
About the Role
~1 min readDMI is seeking a Web Developer Security Engineer to embed security throughout the software development lifecycle for a federal agency client. In this role, you will identify and remediate vulnerabilities in web applications and APIs, integrate security controls into application architectures, and support compliance with federal cybersecurity frameworks — functioning at the intersection of development and security.
Responsibilities
~1 min read- →Identify, analyze, and remediate critical vulnerabilities, logic flaws, insecure dependencies, and misconfigurations in web applications and APIs
- →Drive end-to-end vulnerability lifecycle management, including threat modeling, security assessments, and technical validation of remediation
- →Integrate security controls into application architectures and APIs; advise on secure design patterns and data protection mechanisms
- →Review and analyze web server and application logs to detect anomalies and indicators of compromise; implement threat intelligence automation
- →Deploy, tune, and maintain Web Application Firewalls (WAF) tailored to custom-developed applications and traffic patterns
- →Configure and manage File Integrity Monitoring (FIM) solutions to detect and alert on unauthorized changes to web content directories
- →Implement DevSecOps principles throughout the CI/CD pipeline; develop security metrics and compliance reporting against established baselines
- →Ensure web applications and cloud infrastructure comply with NIST SP 800-53, FISMA, and FedRAMP requirements; participate in audits and risk assessments
- →Provide Tier II support for security operations and recommend ongoing security enhancements
Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.
Requirements
~1 min read- Bachelor's degree or higher in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field
- Minimum 3 years of experience in Web Application Security, Application Security Engineering (AppSec), or SSDLC
- Proficiency in .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, and SQL
- Strong understanding of OWASP Top 10 and secure coding standards
- Experience deploying and managing WAF solutions for custom-developed web applications
- Experience configuring FIM solutions for web content and application directories
- Familiarity with security testing tools, including Wireshark, SIEM, IDS/IPS, NDR, and EDR
- Ability to leverage AI-assisted development tools (e.g., GitHub Copilot, OpenAI API) for security automation and compliance auditing
- Experience implementing DevSecOps principles, including security gate integration in CI/CD pipelines
- Active security certifications across AppSec, offensive security, and foundational security domains, maintained for a minimum of 5 years
- In-depth experience with federal cybersecurity frameworks, including NIST SP 800-53, FISMA, and FedRAMP authorization processes
- Proven background in threat modeling, risk assessment, and security architecture design
- Advanced experience with CI/CD pipeline security gate automation
- Cloud security experience with AWS and container security (Docker, Kubernetes)
Location & Eligibility
Listing Details
- Posted
- July 6, 2026
- First seen
- July 11, 2026
- Last seen
- July 11, 2026
Posting Health
- Days active
- 0
- Repost count
- 0
- Trust Level
- 37%
- Scored at
- July 11, 2026
Signal breakdown
Please let careers-dminc know you found this job on Jobera.
4 other jobs at careers-dminc
View all →Explore open roles at careers-dminc.
Similar Security Engineer jobs
View all →Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.