Location: Hybrid – DMV area (DC, MD, VA) | Monthly onsite in Reston, VA
Company Overview
Glint Tech Solutions is a women-owned global staffing and IT recruiting firm connecting top technical talent with leading enterprise clients across the United States.
Project Description
Our client, a leading healthcare payor in Reston, VA, is seeking a software-focused Application Cyber Security Engineer to support DevSecOps, AWS Cloud Security, and cloud migration initiatives. This is primarily a remote role with required monthly onsite visits to Reston, VA. Candidates must reside in the DC, MD, or VA area — travel expenses will not be reimbursed. The interview process includes 2 rounds with a mandatory F2F final round in Reston, VA.
Key Responsibilities
-
Develop and implement application security solutions; architect and engineer trusted systems into secure systems
-
Support DevSecOps practices including SAST, DAST, IAST, SCA, penetration testing, secure code review, and threat modeling
-
Secure AWS environments across IAM, EC2, S3, Lambda, EKS, CloudTrail, Security Hub, and GuardDuty
-
Manage Kubernetes and container security including Amazon EKS, pod security, RBAC, network policies, and runtime hardening
-
Operate CNAPP, CSPM, KSPM, and CWPP platforms such as Wiz, CrowdStrike, or similar solutions
-
Map application and cloud-native controls to frameworks including NIST CSF, NIST 800-53, ISO 27001, SOC2, CIS Benchmarks, and MITRE ATT&CK
-
Implement infrastructure-as-code and policy-as-code using Terraform, Helm, CloudFormation, and Rego/OPA
-
Collaborate with development teams to communicate security findings and drive practical remediation
-
Advise management on cybersecurity policies, processes, and procedures
Mandatory Skills
-
Strong hands-on experience in Application Security, Secure SDLC, DevSecOps, Cloud Security, and Vulnerability Management
-
Deep knowledge of OWASP Top 10, API Security Top 10, and secure coding practices
-
Hands-on experience with CNAPP, CSPM, KSPM, CWPP platforms (Wiz, CrowdStrike, or similar)
-
Hands-on AWS cloud security experience across core services
-
Deep knowledge of Kubernetes and container security including Amazon EKS
-
Strong CI/CD and DevSecOps pipeline security experience
-
Experience with IaC and policy-as-code tools — Terraform, Helm, CloudFormation, Rego/OPA
-
Strong written and verbal communication skills for both technical and non-technical audiences
-
One or more certifications required: CISSP, CISM, CEH, or CISA
Nice-to-Have Skills
-
AWS Certified Security Specialty certification
-
Experience in healthcare or similarly regulated industries
-
Background in cloud migration security initiatives