Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
phia, LLC

Lead Application Security Engineer

phia, LLC

Lead Application Security Engineer driving complex application security testing program for federal civilian client in a dynamic environment. Join a skunk-works AppSec team managing a full stack system.

Posted 6/12/2026full-timeRemote • Virginia • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies
AnsibleAWSCloudDockerEC2JavaKubernetesLinuxOpenShiftPythonUnix

About the role

Key responsibilities & impact
  • Run a Federal Burp Suite Enterprise Program — Remote Bring your own Burp extensions.
  • Drive the dynamic application security testing (DAST) program for a federal civilian client operating one of the more complex enterprise environments in government.
  • Join a four-person skunk-works AppSec team that owns its entire stack end to end.
  • Architect, operate, and continuously improve scheduled authenticated DAST scanning.
  • Write and maintain extensions (Python/ Jython or Java/Montoya API) that solve authentication, validation, and workflow problems off-the-shelf tooling can’t.
  • Lead and drive discussions with DevOps, platform, and identity stakeholders outside the security team.
  • Administer the team’s Linux servers in AWS (EC2, Cloud Formation), support the migration to OpenShift.

Requirements

What you’ll need
  • 8+ years in engineering/security, with deep, recent, hands-on Burp Suite Enterprise and Burp Suite Professional operations
  • Demonstrated experience writing or significantly modifying custom Burp extensions (Python/ Jython , Java, or Montoya API)
  • Strong Linux/Unix command-line fluency
  • Comfortable diagnosing services, disk, memory, and network from a shell, daily Python and Bash scripting; Ansible exposure; experience with Docker/Kubernetes (OpenShift a plus) and AWS
  • Experience integrating security tooling into GitHub Actions or comparable CI/CD pipelines
  • Proven technical leadership: you have driven programs or technical decisions across teams and can hold your own
  • Energetically in a room of senior engineers
  • An active, visible interest in AppSec and DevSecOps research: you test new techniques, follow the field, and bring ideas to the team unprompted
  • U.S. citizenship and the ability to complete federal Public Trust vetting (no security clearance required)

Benefits

Comp & perks
  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long-Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Burp Suite EnterpriseBurp Suite ProfessionalPythonJythonJavaMontoya APILinuxBash scriptingDockerKubernetes
Soft Skills
technical leadershipcommunicationcollaborationproblem-solvinginitiative