Ashburn Consulting, LLC, based in the Washington, DC metropolitan area, specializes in providing network and network security solutions in complex environments to a select set of government and business clients. The company, an established leader in its field, is composed of an elite team of engineers and business consultants, each of whom is recognized, and highly regarded, within the network and security communities. 

Ashburn is seeking a Senior Security Code Reviewer to support a federal cybersecurity architecture opportunity. This Key Personnel role will lead application security testing, secure code review, DevSecOps pipeline integration, secure development guidance, risk assessments, and cloud/network security evaluation for a proposal opportunity.

Primary Responsibilities

• Conduct security code reviews and risk assessments for applications and enterprise systems.
• Use application security testing tools to identify vulnerabilities and provide remediation guidance.
• Integrate security testing into DevSecOps and CI/CD pipelines.
• Review application architecture, source code, dependencies, infrastructure-as-code, and deployment practices.
• Support secure coding standards, developer security training, and technical remediation guidance.
• Evaluate and improve cloud, network, and enterprise system security.
• Provide technical writing, reporting, and mentoring to engineering and development teams.
• Support federal cybersecurity compliance objectives and secure development lifecycle requirements.

Required Qualifications

• Candidates must be U.S. citizens.
• Candidates must be willing and able to work as Ashburn W-2 employees. 1099 and corp-to-corp arrangements are not permitted for these roles.
• DHS EOD / suitability is required.
• 10+ years of experience automating application security scanning processes, Zero Trust integration, and data sanitization for Government or similarly complex enterprise systems.
• Experience deploying and using Application Security Testing platforms such as Checkmarx.
• Experience automating or supporting Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG) solutions.
• Advanced security engineering experience across on-premises and cloud environments.
• Experience implementing AWS security best practices, including VPC Flow Logs, Security Lake, and audit monitoring.
• Experience building EKS clusters using Terraform and Kubernetes.
• Experience creating custom hardened AMI builds.
• Experience integrating network security tools such as Palo Alto, AlgoSec, Gigamon, and Corelight.
• Experience reviewing, evaluating, and improving security of complex systems and networks.
• Experience with vulnerability management, SIEM integrations, certificate management, single sign-on implementations, and federal regulatory compliance.
• Demonstrated ability to lead security code reviews and conduct risk assessments.
• Experience developing OS hardening strategies, evaluating firewall policies, and implementing enterprise infrastructure monitoring solutions.
• Strong technical writing, training, and mentoring skills.
• Ability to mentor development teams in secure coding practices and align technical solutions to Government cybersecurity objectives.

Preferred / Strongly Desired Qualifications

• Experience with Burp Suite, Checkmarx One, PortSwigger, SonarQube, Fortify, SAST, DAST, SCA, API security testing, or IaC scanning.
• Experience integrating application security testing into CI/CD pipelines.
• Experience with secure coding practices in Java, Python, JavaScript, C#, Ruby, SQL, React, Node.js, PowerShell, Go, or similar languages.
• Experience applying OWASP, NIST, DHS, DevSecOps, and secure software lifecycle practices.
• Secure software certification preferred, such as CSSLP, GIAC secure software credential, EC-Council secure programmer certification, or comparable experience.
• Prior DHS, DOD / DOW or federal application security experience.

PHYSICAL REQUIREMENTS:
Work is equally performed in the field as well as in a normal office environment. Lifting (up to 50lbs) may be required. Ladder climbing may be required. Driving is required. All duties performed with or without reasonable accommodations.

Additional Information

Equal Opportunity Employer/Veterans/Disabled. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting, please e-mail [email protected].”

Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the American with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request and accommodation in order to apply for a position with Ashburn Consulting, please e-mail [email protected].”