Application Security Developer

Fairfax, VA
Aug 29, 2017
Institution Type
Outside Academe

Job Description
Application Security Developer

Position Description
CGI Federal's Emerging Technologies Practice (ETP) seeks a highly-motivated Security Developer to join their Cyber Security team. The candidate will join a multi-disciplinary team of security specialists, engineers, project managers and delivery professionals responsible for supporting various Defense and Civilian contracts Your future duties and responsibilities
As an Application security developer, responsibilities would include analyzing applications and code for vulnerability, researching threats and attack vectors that impact web application and infrastructure, Participate in security architecture, design, and control implementation document, explain risks and vulnerabilities to technical stakeholders, participate at times with client teams to write secure code Required qualifications to be successful in this role
3+ years of experience.
•Knowledge of secure development principles in at least one environment (i.e. Java or .NET) System development experience in technologies like Java, JavaScript, Angular JS, Python, Ruby, .Net technologies is highly desired
Awareness of security-related best programming practices for J2EE and .NET
Experience with System and Application Vulnerability assessment/ Penetration testing experience is desired.
Experience using scan/ attack/ assessment tools and techniques, including proficiency in at least one common framework such as Metasploit.
Ability to discover and exploit OWASP/ SANS application vulnerabilities
Strong verbal/written communication skills
Code review skills are a definite plus
Experience designing and executing web application security evaluations, solo and as part of a team
Application security testing techniques, using automated tools and manual testing
Creation of exploit proofs of concept
Discovery of application security weaknesses, and writing recommendations for preventing or fixing them
Knowledge of the SDLC and experience working with development teams
Understanding of web application technologies and development processes
Up-to-date knowledge of current threats
Analyze and Respond to vulnerability inquiries and vulnerability reports.
Research threats and attack vectors that impact web applications and infrastructure.
Assess new and existing applications and system deployments for vulnerabilities and design flaws, and prioritize remediation efforts based on risk.
Hands on experience with one or more tools like BurpSuite, Kali, BeEF, Fuzzers, MetaSploit, HP Fortify, YASCA. Appscan, AppDetective, Nessus is desired.
One or more certifications like CISSP, CEH, Security +, OSCP desired
Ability to document and explain risks and vulnerabilities to technical stakeholders. Build your career with us.

It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change-supporting our clients' digital journeys and offering our professionals exciting career opportunities.

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.

Be part of building one of the largest independent technology and business services firms in the world.

Learn more about CGI at

No unsolicited agency referrals please.

CGI is an equal opportunity employer.

Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender Identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.


  • Security



Company Description
At CGI, we are a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 68,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at

This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.

We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.

No unsolicited agency referrals please.

Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, protected veteran status or disability.

Fairfax, VA


Mon, 28 Aug 2017 14:22:09 PDT