Application Security Tooling Engineer (Senior) – SECRET CLEARANCE REQUIRED – 100% Remote (EST hours

Job Title: Application Security Tooling Engineer (Senior) Location: Remote Clearance Required: Active Secret Employment Type: Full-Time

Overview

Cornerstone Technology Enterprises is seeking a Senior Application Security Tooling Engineer to support mission-critical cybersecurity operations for our government customer. This senior-level role serves as the technical lead and platform owner for Application Security (AppSec) scanning and tooling, providing hands-on engineering expertise while supervising and mentoring at least one other AppSec professional. The ideal candidate combines deep mastery of AppSec tooling with leadership experience, operates effectively in secure and compliance-driven environments, and can collaborate across infrastructure, cybersecurity, and DevSecOps teams to support enterprise-level vulnerability management and incident response capabilities.

Key Responsibilities

AppSec Tooling Leadership and Engineering

• Lead the design, deployment, administration, and optimization of AppSec scanning tools, including Sonatype, Fortify, StackRox, and Burp Suite across on-premises and cloud environments.
• Serve as the primary technical authority for AppSec architecture, configuration standards, and operational best practices.
• Perform system upgrades, patching, performance tuning, and advanced troubleshooting for the AppSec toolset.
• Experience with Oracle Cloud Infrastructure is strongly preferred.

Team Leadership and Mentoring

• Supervise, mentor, and provide technical guidance to at least one other AppSec professional.
• Delegate tasks, review work quality, and support the professional development of team members.
• Foster a collaborative, mission-focused team environment aligned with program objectives.

DevSecOps and CI/CD Integration

• Lead the integration of AppSec tools into CI/CD pipelines to support automated security testing and DevSecOps practices.
• Coordinate with development and infrastructure teams to improve vulnerability detection and remediation workflows.

Vulnerability Management and Reporting

• Oversee the identification, analysis, and reporting of application-level vulnerabilities.
• Design and maintain advanced dashboards, alerts, and reports to communicate security posture to stakeholders.
• Support RMF/ATO evidence needs and continuous monitoring activities.

Security and Compliance

• Implement and enforce tool configurations aligned with DoD security policies and compliance standards.
• Apply and maintain applicable STIGs and system hardening guidance.
• Support audit readiness and incident response activities as needed.

Agile Collaboration and Documentation

• Participate in Agile ceremonies, including stand-ups, sprint planning, and retrospectives.
• Use Jira for workflow management, backlog tracking, and documentation.
• Develop and maintain SOPs, runbooks, and technical documentation.

Required Qualifications

• Minimum of 5 years of hands-on Application Security engineering experience.
• Active Secret or Interim Secret clearance.
• DoD 8570 IAT Level II certification (e.g., CompTIA Security+).
• Demonstrated experience leading or mentoring technical team members.
• Strong analytical, troubleshooting, and problem-solving skills.
• Excellent written and verbal communication skills.

Desired Qualifications

• Experience serving as a technical lead or platform owner for AppSec tooling.
• Hands-on experience with Sonatype, Fortify, StackRox, and Burp Suite in production environments.
• Familiarity with Oracle Cloud Infrastructure.
• Experience with CI/CD tools and DevSecOps methodologies.

Why Join Cornerstone? Cornerstone Technology Enterprises is a veteran-owned small business with deep experience supporting federal and defense missions. Our teams operate inside production environments, supporting systems that matter, while maintaining a culture that values trust, accountability, and technical excellence. Pay: $140,000.00 - $170,000.00 per year Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee discount
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Retirement plan
• Vision insurance

License/Certification:

• CompTIA Security+ (Required)

Security clearance:

• Secret (Required)

Work Location: Remote Apply tot his job Apply To this Job