SkyePoint Decisions, Inc.

  • Application Security Engineer

    Job Location US-VA-McLean
    Job Type
    Immediate Hire
    Information Technology
  • Overview

    SkyePoint Decisions, Inc. is seeking a highly motivated, team-oriented individual to fill the role of an Application Security Engineer to join our team of qualified, diverse individuals. This position will be located in McLean, VA. The qualified applicant will support the Department of State (DOS) Consular Systems Modernization (CSM) Program, for the Bureau of Consular Affairs (CA). This initiative is intended to modernize and consolidate the operational environment under a common technology framework in order to better support the services provided to CA’s customers. The Application Security Engineer is responsible for ensuring the solution meets the security criteria of the program and DoS.


    • Analyze and study complex system requirements from a security perspective
    • Review existing solution and assist in making refinements improving security
    • Supports defining the programs security requirements
    • Perform Risk Assessments including vulnerability scans, penetration tests (incl. social engineering), 3rd Party (e.g., vendor) risk assessment, and data-centric risk assessment
    • Complete Threat Intelligence including internal, external, online threat information sources and indicators of compromise
    • Perform Security Operations including vulnerability management, data loss/leakage prevention, and incident response
    • Provide Security Engineering including security architecture, secure software development, and cryptography
    • Perform static and dynamic analysis of .NET and Java based applications including code reviews
    • Install/Configure and use tools such as Fortify, HP Scan to perform white box security assessments
    • Perform intensive analysis of application/platform access control data structures and articulate security requirements
    • Support Cloud Security including Cloud-based Identify and access management roles, policies, resources and credentials and user provisioning, SAML, openid auth, etc.


    • Active Secret Clearance
    • Bachelor's degree in a related field (computer science) and at least 5 years’ experience (max min based on CJCS and customer job cat)
    • SANS or ISC2 program certifications. Such as GIAC Web Application Defender, GIAC Secure Software Programmers cert, Certified Secure Software Lifecycle Professional (CSSLP)
    • Three years’ experience in all aspects of security engineering as described above
    • Strong coding skills in Python, Ruby, Java, C#, javascript
    • Working knowledge of network and web related protocols TCP/IP, UDP, IPSEC, HTTP/S and BGP
    • Understanding of entire technology stack of networks, databases, applications and endpoints
    • Maintaining a working knowledge of current security threats
    • Hand on experience with application security Understanding of web service technologies such as XML, JSON, SOAP, and REST
    • Working experience in medium to large program using Agile
    • Must have a current, active Secret (or higher) clearance


    Preferred Qualifications:


    • Experience in cloud based environments including deploying solutions on public/hybrid clouds
    • Experience implementing DevSecOps for large program using Agile, preferably SAFe, development methodology
    • Excellent communication skills, both verbally and in writing to effectively interact with multiple teams both internal and external
    • Experience implementing DevSecOps using SonaType platform for a Cloud-based system on a modernization program ensuring existing applications and systems are modernized to satisfy legacy functional requirements
    • Experience with IBM Rational Collaborative Lifecycle Management

    SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customer’s technology and mission requirements to successfully deliver high quality, cost effective services on time and on budget.


    SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It’s what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customer’s operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to successfully and securely complete any mission – anytime, anywhere.


    SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed