Date Posted: 03/04/2026
Hiring Organization: Rose International
Position Number: 497881
Industry: Government/Staffing
Job Title: Application Security Architect & Engineer
Job Location: Richmond, VA, USA, 23219
Work Model: Hybrid
Work Model Details: Hybrid/Remote (Occasional onsite required)
Shift: 8 to 5
Employment Type: Temporary
FT/PT: Full-Time
Estimated Duration (In months): 2
Min Hourly Rate($): 60.00
Max Hourly Rate($): 65.00
Must Have Skills/Attributes: AWS (Amazon Web Services), CCSP, Cybersecurity, SDLC, Security
Experience Desired: IIS and Apache, Scripting Languages and SQL, PowerShell, Firewall (2 yrs); Linux and Windows Operating Systems, Baseline hardening of operating systems (2 yrs)
Job Description
***Only qualified Application Security Architect candidates located near the Richmond, VA area will be considered due to the position requiring an onsite presence***
Required Certification:
• CompTIA Security+ or ISC2 CC (Certified in Cybersecurity) or Offensive Security Certified Professional (OSCP) or CCSP or CCLP
Desired Certification:
• CompTIA PenTest+
• Certified Ethical Hacker (CEH), or GIAC Certified Intrusion Analyst (GCIA)
Required Skills:
• Application Security (5 Years)
• Network or Firewall/AWS security Groups (2 Years)
• Infrastructure as Code (IaC): Advanced proficiency in Terraform for multi-account landing zones and automated provisioning (2 Years)
• Experience with log collection, vulnerability scans and remediation, or privileged access management (4 Years)
• Proficiency in SIEM, IDS/IPS, EDR, and other relevant security tools (4 Years)
• Networking & Hybrid Connectivity: Solid understanding of routing, firewalls, AWS Direct Connect, and VPNs in a hybrid cloud environment (4 Years)
Desired Skills:
• CI/CD & DevOps: Experience with GitLab CI/CD, Jenkins, or AWS CodePipeline for automated, secure deployments
• Splunk, Insight VM Rapid7, Tenable, CyberArk, Jenkins, Veracode
• Linux and Windows Operating Systems, Baseline hardening of operating systems
• IIS and Apache, Scripting Languages and SQL, PowerShell, Firewall
• One highly DESIRED (Independently and or with one of the above): AWS Solutions Architect (Associate/Professional) or AWS Security Specialty
Client is seeking an Application Security Engineer (ASE) with 5+ years of experience to join the Office of Technology under Joint Security Operations. In this role, the ASE serves as a dedicated security partner to application teams, providing guidance on secure design, vulnerability management, and secure development practices. The ASE works collaboratively across the SDLC to ensure security is embedded into application design, development, testing, and deployment. This includes supporting compliance requirements, delivering training and education, and assisting teams with vulnerability remediation efforts
Job responsibilities:
• Provide security guidance, training, and best practices for development and operations teams
• Support secure software development by applying knowledge of SDLC, Agile, and Scrum methodologies
• Evaluate software architecture and design for security risks and alignment with DevSecOps principles
• Promote and enforce secure coding standards and guidelines
• Review source code to identify vulnerabilities and recommend remediation strategies
• Assess security risks across multiple programming languages (e.g., JavaScript, C#, Java, Ruby, SQL)
• Analyze and secure modern web application architectures, including cloud, APIs, microservices, and client–server models
• Identify and address common vulnerabilities, including those outlined in the OWASP Top 10
• Support vulnerability remediation, patch management, and continuous improvement efforts
• Utilize application security testing tools such as SAST, DAST, IAST, and platforms like Accunetix, Veracode, Jenkins, Splunk, Rapid7, and Tenable
• Interpret and act on findings from SIEM systems, including Splunk
• Apply knowledge of common security controls and frameworks
• Ensure compliance with relevant security regulations and standards (e.g., NIST 800 53, IRS Pub 1075, PCI DSS)
• Implement and evaluate AWS cloud security controls and best practices
• Create, maintain, and review System Security Plans (SSPs)
• Troubleshoot and resolve complex technical and security-related issues
• Stay current with evolving threats, technologies, and industry trends
• Develop detailed plans and communicate risks, impacts, and recommendations effectively
• Collaborate with application teams, QA engineers, and operations teams to integrate security into workflows
• Provide constructive, actionable feedback to application teams
• Communicate technical concepts clearly to both technical and non technical audiences
• Work closely with other security analysts and technology teams to support agency and enterprise security initiatives
• Manage multiple tasks, prioritize effectively, and meet deadlines
• Apply critical thinking to evaluate and mitigate security risks and vulnerabilities
The position is hybrid/remote (occasional onsite work required). The candidate must be a U.S. citizen or permanent resident.
Benefits:
For information and details on employment benefits offered with this position, please visit here. Should you have any questions/concerns, please contact our HR Department via our secure website.
California Pay Equity:
For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations' website here.
Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.
If you need assistance in completing this application, or during any phase of the application, interview, hiring, or employment process, whether due to a disability or otherwise, please contact our HR Department.
Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.).
My on-boarding with Rose was outstanding. The packets of information, the process, and great attention to detail each person gave me allowed me to get started quickly.I appreciated each person's friendly and helpful attitude.
Diana, Consultant
I had a very positive experience working for Rose. The entire process is very efficient and easy.
Joanne, Consultant
You are customer service oriented. No matter whether it was the Recruiter or someone in Human Resources/Payroll, you were responsive. That to me is key!
Tonya, Consultant
Rose International has been great to me. I thank everyone there for all of their hard work; it has not gone unnoticed.
Melody, Consultant
It is a great pleasure being a part of the Rose International Team.
Toni, Consultant
EMPLOYEE COMMENTS