Application Security Engineer at Oasys – Fairfax, Virginia
Explore Related Opportunities
About This Position
Who We Are: Oasys International LLC (Oasys) is a fast-growing federal government contractor delivering high-quality technology consulting and professional services to civilian, defense, and homeland security agencies. We have been recognized on Inc. 5000’s list of the fastest-growing companies in America for five consecutive years and named a Best Places to Work in Virginia for the past two years.
Our success is driven by a talented team of technologists, consultants, engineers, and subject-matter experts who support complex federal missions with integrity and excellence. At Oasys, we foster a collaborative, merit-based culture that values continuous learning, professional growth, and work-life balance. We are committed to creating an inclusive, engaging environment where employees are recognized for their contributions and empowered to build meaningful, long-term careers.
Position Summary:
The Application Security Engineer position supports secure application development and cybersecurity operations for Federal DoD programs. The role requires a deep expertise in application security, software development, federal cybersecurity standards, and secure architecture. Will be responsible for senior-level leadership in information security, secure SDLC integration, and compliance with federal security frameworks such as NIST 800‑53, NIST 800‑37 RMF, FedRAMP, and agency-specific security baselines.
NOTE: This role is contingent on the contract being awarded.
Primary Responsibilities:
- Serve as the primary application security SME for the project, ensuring compliance with NIST, FISMA, FedRAMP, DHS, DoD, and agency-specific security requirements.
- Guide system teams through Risk Management Framework (RMF) steps related to application security, including control implementation, evidence gathering, and POA&M mitigation.
- Lead security architecture reviews for mission-critical systems, ensuring secure-by-design principles across federal systems and networks.
- Integrate security into the federal SDLC by defining secure coding standards, conducting code reviews, and providing architectural input.
- Conduct and lead advanced security testing.
- Provide CISSP-level expertise on risk evaluation, compensating controls, and secure architecture guidance.
- Guide enterprise risk posture by advising leadership on vulnerabilities, mitigations, and long-term remediation planning.
- Ensure secure configurations of cloud resources within AWS GovCloud FedRAMP environments.
- All other duties as assigned by management.
Skills and Qualifications:
- Bachelor’s degree in computer science or related field
- 10 years in application development and IT security
- Experience performing risk assessments for Federal systems in AWS GovCloud
- Experience supporting FedRAMP High/Moderate systems
- Knowledge in Java, Python, HTML, SQL, CSS and cloud computing
- Excellent communication and management skills.
Certifications Required:
- Certified Secure Software Lifecycle Professional (CSSLP)
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security +
Certifications Preferred:
- Certified Ethical Hacker (CEH)
Security Clearance Requirements:
- Must be a U.S. Citizen
- Must have an active DoD Secret clearance.
Work Location:
- Fairfax, VA – Corporate Headquarters (Hybrid)
Oasys is proud to be an equal opportunity employer for all protected groups, including protected veterans and individuals with disabilities.
Scan to Apply
Job Location
Job Location
This job is located in the Fairfax, Virginia, 22031, United States region.