AWS Lambda, Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), Amazon Web Services (AWS), Applications Security, Benchmarking, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Applications, Cloud Computing, Code Reviews, Communication Skills, Computer Security, Continuous Deployment/Delivery, Continuous Integration, Healthcare, ISO (International Organization for Standardization), Internet Security, Penetration Testing, Presentation/Verbal Skills, Software Development, Software Development Lifecycle (SDLC), Software Engineering, Systems Engineering, Technical Recruiting, Threat Modeling, U.S. National Institute of Standards and Technology (NIST), Writing Skills
Application Cyber Security Engineer
Location: Hybrid – DMV area (DC, MD, VA) | Monthly onsite in Reston, VA
Company Overview
Glint Tech Solutions is a women-owned global staffing and IT recruiting firm connecting top technical talent with leading enterprise clients across the United States.
Project Description
Our client, a leading healthcare payor in Reston, VA, is seeking a software-focused Application Cyber Security Engineer to support DevSecOps, AWS Cloud Security, and cloud migration initiatives. This is primarily a remote role with required monthly onsite visits to Reston, VA. Candidates must reside in the DC, MD, or VA area — travel expenses will not be reimbursed. The interview process includes 2 rounds with a mandatory F2F final round in Reston, VA.
Key Responsibilities
- Develop and implement application security solutions; architect and engineer trusted systems into secure systems
- Support DevSecOps practices including SAST, DAST, IAST, SCA, penetration testing, secure code review, and threat modeling
- Secure AWS environments across IAM, EC2, S3, Lambda, EKS, CloudTrail, Security Hub, and GuardDuty
- Manage Kubernetes and container security including Amazon EKS, pod security, RBAC, network policies, and runtime hardening
- Operate CNAPP, CSPM, KSPM, and CWPP platforms such as Wiz, CrowdStrike, or similar solutions
- Map application and cloud-native controls to frameworks including NIST CSF, NIST 800-53, ISO 27001, SOC2, CIS Benchmarks, and MITRE ATT&CK
- Implement infrastructure-as-code and policy-as-code using Terraform, Helm, CloudFormation, and Rego/OPA
- Collaborate with development teams to communicate security findings and drive practical remediation
- Advise management on cybersecurity policies, processes, and procedures
Mandatory Skills
- Strong hands-on experience in Application Security, Secure SDLC, DevSecOps, Cloud Security, and Vulnerability Management
- Deep knowledge of OWASP Top 10, API Security Top 10, and secure coding practices
- Hands-on experience with CNAPP, CSPM, KSPM, CWPP platforms (Wiz, CrowdStrike, or similar)
- Hands-on AWS cloud security experience across core services
- Deep knowledge of Kubernetes and container security including Amazon EKS
- Strong CI/CD and DevSecOps pipeline security experience
- Experience with IaC and policy-as-code tools — Terraform, Helm, CloudFormation, Rego/OPA
- Strong written and verbal communication skills for both technical and non-technical audiences
- One or more certifications required: CISSP, CISM, CEH, or CISA
Nice-to-Have Skills
- AWS Certified Security Specialty certification
- Experience in healthcare or similarly regulated industries
- Background in cloud migration security initiatives
G
Glint Tech Solutions LLC