Security Engineer

Location :

Richmond, Hybrid (3 days on-site)

Duration : 12 month contract

Language :

English, professional proficiency in written and spoken communication

About the Opportunity

This is an opportunity to play a hands‑on role in strengthening security across the full software development lifecycle within a collaborative DevSecOps environment. You’ll work closely with DevOps and product teams to embed secure‑by‑design principles into modern applications and cloud platforms, helping protect systems that support critical services.

Operating within a public sector organization, this role offers the chance to balance technical depth with meaningful impact. Your expertise will influence architecture decisions, security tooling, and developer practices, ensuring confidentiality, integrity, and availability are built in from day one, not bolted on later.

What’s in it for You

A hybrid work model that supports balance and consistency

The chance to influence security strategy across enterprise‑scale platforms

Exposure to modern DevSecOps practices, cloud security, and emerging AI security considerations

A collaborative, people‑first environment that values knowledge sharing and mentorship

Your Responsibilities

You’ll lead threat modeling activities to identify and mitigate security risks during design and architecture phases.

In this role, you’ll perform secure code reviews, design reviews, and black‑box and white‑box penetration testing.

You’ll embed SCA, SAST, and DAST tools into CI / CD pipelines and continuously tune them for accuracy and impact.

You’ll create and maintain Azure security policies to support secure cloud deployments.

You’ll manage vulnerability and risk management processes across the full development lifecycle.

You’ll partner with DevOps teams to define security controls, user stories, and best practices.

You’ll deliver secure coding training and support incident response as a security subject matter expert.

Skills and Qualifications

6+ years of progressive experience in security engineering roles

An undergraduate degree in Computer Science or a STEM‑related field

Industry certifications such as CISSP, CEH, or equivalent

Strong expertise in threat modeling, SCA, SAST, DAST, and web application penetration testing

Deep knowledge of security controls across application and infrastructure layers

Working knowledge of AI security design principles and controls

Note from the Hiring Manager

"We’re looking for a security engineer who enjoys working closely with developers and architects, someone who can translate security requirements into practical solutions that teams can actually use."

#J-18808-Ljbffr