Home › Companies › Shorepointinc › Application Security Engineer
Application Security Engineer
Shorepointinc · Remote · Active · BambooHR
Job facts
| Field | Value |
|---|---|
| Company | Shorepointinc |
| Title | Application Security Engineer |
| Normalized title | - |
| Department / team | Staff |
| Location | Herndon, VA, United States |
| Work model | Remote / Remote |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | BambooHR |
| Posted / first seen | 2026-01-21 / 2026-05-30 |
| Changed / last seen | 2026-05-30 / 2026-06-06 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Shorepointinc. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through BambooHR. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Herndon. | Open |
| Department jobs | Active postings in Staff. | Open |
| Work model jobs | Active Remote postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Shorepointinc |
| Source | 8f3b3eb9-ce20-4a59-8d89-dc4f1c2bfd80 |
| ATS provider | BambooHR |
Description
Who we are:
ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.
The Perks:
As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance, reimbursement and more.
Who we’re looking for:
We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security Testing (SAST & DAST) methodologies and enterprise-level security controls. Your mission is to fortify our software supply chain by integrating rigorous security testing directly into the development lifecycle to preemptively neutralize vulnerabilities. The Application Security Engineer will be responsible for the end-to-end administration of Burp Suite and Veracode, managing Integrated Development Environment (IDE) plugins and ensuring all enterprise web applications align with federal compliance and OWASP standards. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.
What you’ll be doing:
Support and operate application security testing capabilities across SAST, DAST and IDE plug-in environments, with primary focus on Burp Suite and Veracode.
Configure, maintain and troubleshoot Burp Suite and Veracode integrations to enable consistent application security testing workflows.
Partner with development and engineering teams to identify, validate and remediate security vulnerabilities.
Apply vulnerability standards and scoring methodologies to findings, including OWASP Top 10, CVSS, CWE, WASC and SANS-25.
Navigate and troubleshoot within Linux or UNIX environments, including basic website connectivity issues.
Support the design and implementation of enterprise-wide security controls that secure applications, systems, networks or infrastructure services.
Use IDEs and development toolchains (Eclipse, JDeveloper, Visual Studio) to support developer workflows, including pipeline development activities where applicable.
Support compliance-aligned security activities in federal environments leveraging NIST 800-53, FIPS and/or FedRAMP standards.
What you need to know:
Strong understanding of application security testing concepts and operational support for SAST, DAST and IDE plug-in environments.
Hands-on capability with enterprise web application security and common vulnerability classes.
Familiarity with vulnerability scoring, classification and prioritization frameworks (OWASP Top 10, CVSS, CWE, WASC, SANS-25).
Working knowledge of federal compliance standards (NIST 800-53, FIPS, FedRAMP).
Ability to work effectively in Linux or UNIX environments for navigation and basic troubleshooting.
Ability to communicate findings clearly and work cross-functionally to support remediation.
Must have’s:
Bachelor’s degree in an IT-related field.
6+ years of Information Technology experience.
3+ years of experience supporting SAST, DAST and IDE plug-in environments using Burp Suite, including 3+ years of hands-on Burp Suite experience.
1+ year of experience supporting SAST, DAST and IDE plug-in environments using Veracode.
3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, networks or infrastructure services.
2+ years of experience with Java, Python, .NET or C#.
2+ years of experience working in Linux-based environments, including navigating and troubleshooting basic website connectivity issues.
Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
Experience with Eclipse, JDeveloper and/or Visual Studio, including pipeline development experience.
Experience securing enterprise web applications, including familiarity with OWASP Top 10, CVSS, CWE, WASC and SANS-25.
Knowledge of federal compliance standards, including NIST 800-53, FIPS and/or FedRAMP.
Applicants must be a U.S. citizen in compliance with federal contract requirements.
Beneficial to have:
Industry recognized certifications.
Experience with Interactive Application Security Testing (IAST) tools and capabilities.
Experience with HackerOne.
Experience with Selenium.
Experience writing bash scripts.
Experience with OWASP ZAP or Burp Proxy.
Where it’s done:
Remote (Herndon, VA).
Full job record
| Job ID | 09bd59c2b889f47b66c52242b0500438f84f84a6 |
| Org ID | ba8a0b6d-b2b7-4f57-98e0-20909e905a41 |
| Source ID | 8f3b3eb9-ce20-4a59-8d89-dc4f1c2bfd80 |
| Board ID | 8f3b3eb9-ce20-4a59-8d89-dc4f1c2bfd80 |
| Provider | bamboohr |
| Provider Job Key | 848 |
| Title | Application Security Engineer |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | — |
| Department | Staff |
| Team | — |
| Employment Type | full_time |
| Workplace Type | remote |
| Remote Policy | remote |
| Country | United States |
| Region | VA |
| City | Herndon |
| Salary Raw | — |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://shorepointinc.bamboohr.com/careers/848 |
| Apply URL | https://shorepointinc.bamboohr.com/careers/848 |
| First Seen At | 2026-05-30 05:58:08Z |
| Last Seen At | 2026-06-06 09:45:56Z |
| Last Checked At | 2026-06-06 09:45:56Z |
| Last Changed At | 2026-05-30 05:58:08Z |
| Inactive At | — |
| Source Posted At | 2026-01-21 00:00:00Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=bamboohr/board=shorepointinc/date=2026-06-06/2026-06-06T09-45-55-272Z-6b2ecd4669f1a82076effded4764d1b93f1b3cd79f1ba1db0544865275727ce3.json |
Event Fields
{
"content_hash": "bf3f630de50772e46f8f9b79e55744d183cfd000072706acb3d57c08e2f4f301",
"source_hash": "265c1621d7cedafd4ae175f7892015d4f5e184b7fc0011af623559f5abdd9728",
"last_changed_at": "2026-05-30T05:58:08.457Z",
"active_status": "active"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "Herndon, Virginia, United States",
"city": "Herndon",
"region": "VA",
"country": "United States",
"is_remote": true,
"confidence": 0.8
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-06T09:45:56.181Z",
"launch_scope": {
"reason": "bamboohr_production_catalog",
"included": true,
"location": {
"raw": "Herndon, Virginia, United States",
"city": "Herndon",
"region": "VA",
"country": "United States",
"is_remote": true,
"confidence": 0.8
},
"countries": [
"United States"
]
},
"remote_policy": "remote",
"salary_period": null,
"workplace_type": "remote",
"salary_currency": null
}Extensions
{}Native Structured
{
"list_job": {
"id": "848",
"isRemote": null,
"location": {
"city": null,
"state": null
},
"atsLocation": {
"city": "Herndon",
"state": "Virginia",
"country": "United States",
"province": null
},
"departmentId": "18436",
"locationType": "1",
"jobOpeningName": "Application Security Engineer",
"departmentLabel": "Staff",
"employmentStatusLabel": "Full-Time"
},
"detail_errors": [],
"detail_job_opening": {
"location": {
"city": null,
"state": null,
"postalCode": null,
"addressCountry": null
},
"datePosted": "2026-01-21",
"atsLocation": {
"city": "Herndon",
"state": "Virginia",
"country": "United States",
"countryId": "1"
},
"description": "<p><span style=\"font-weight: bold\">Who we are:</span></p>\n<p><br></p>\n<p>ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community. </p>\n<p><br></p>\n<p><span style=\"font-weight: bold\">The Perks:</span></p>\n<p><br></p>\n<p>As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance, reimbursement and more.</p>\n<p><br></p>\n<p><span style=\"font-weight: bold\">Who we’re looking for:</span></p>\n<p><br></p>\n<p>We are seeking an <span style=\"font-weight: bold\">Application Security Engineer</span> with expertise in Static and Dynamic Application Security Testing (SAST & DAST) methodologies and enterprise-level security controls. Your mission is to fortify our software supply chain by integrating rigorous security testing directly into the development lifecycle to preemptively neutralize vulnerabilities. The <span style=\"font-weight: bold\">Application Security Engineer</span> will be responsible for the end-to-end administration of Burp Suite and Veracode, managing Integrated Development Environment (IDE) plugins and ensuring all enterprise web applications align with federal compliance and OWASP standards. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.</p>\n<p><br></p>\n<p><span style=\"font-weight: bold\">What you’ll be doing:</span></p>\n<p><br></p>\n<ul>\n<li>Support and operate application security testing capabilities across SAST, DAST and IDE plug-in environments, with primary focus on Burp Suite and Veracode.</li>\n<li>Configure, maintain and troubleshoot Burp Suite and Veracode integrations to enable consistent application security testing workflows.</li>\n<li>Partner with development and engineering teams to identify, validate and remediate security vulnerabilities.</li>\n<li>Apply vulnerability standards and scoring methodologies to findings, including OWASP Top 10, CVSS, CWE, WASC and SANS-25.</li>\n<li>Navigate and troubleshoot within Linux or UNIX environments, including basic website connectivity issues.</li>\n<li>Support the design and implementation of enterprise-wide security controls that secure applications, systems, networks or infrastructure services.</li>\n<li>Use IDEs and development toolchains (Eclipse, JDeveloper, Visual Studio) to support developer workflows, including pipeline development activities where applicable.</li>\n<li>Support compliance-aligned security activities in federal environments leveraging NIST 800-53, FIPS and/or FedRAMP standards.</li>\n</ul>\n<p><br></p>\n<p><span style=\"font-weight: bold\">What you need to know:</span></p>\n<p><br></p>\n<ul>\n<li>Strong understanding of application security testing concepts and operational support for SAST, DAST and IDE plug-in environments.</li>\n<li>Hands-on capability with enterprise web application security and common vulnerability classes.</li>\n<li>Familiarity with vulnerability scoring, classification and prioritization frameworks (OWASP Top 10, CVSS, CWE, WASC, SANS-25).</li>\n<li>Working knowledge of federal compliance standards (NIST 800-53, FIPS, FedRAMP).</li>\n<li>Ability to work effectively in Linux or UNIX environments for navigation and basic troubleshooting.</li>\n<li>Ability to communicate findings clearly and work cross-functionally to support remediation.</li>\n</ul>\n<p><br></p>\n<p><span style=\"font-weight: bold\">Must have’s:</span></p>\n<p><br></p>\n<ul>\n<li>Bachelor’s degree in an IT-related field.</li>\n<li>6+ years of Information Technology experience.</li>\n<li>3+ years of experience supporting SAST, DAST and IDE plug-in environments using Burp Suite, including 3+ years of hands-on Burp Suite experience.</li>\n<li>1+ year of experience supporting SAST, DAST and IDE plug-in environments using Veracode.</li>\n<li>3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, networks or infrastructure services.</li>\n<li>2+ years of experience with Java, Python, .NET or C#.</li>\n<li>2+ years of experience working in Linux-based environments, including navigating and troubleshooting basic website connectivity issues.</li>\n<li>Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.</li>\n<li>Experience with Eclipse, JDeveloper and/or Visual Studio, including pipeline development experience.</li>\n<li>Experience securing enterprise web applications, including familiarity with OWASP Top 10, CVSS, CWE, WASC and SANS-25.</li>\n<li>Knowledge of federal compliance standards, including NIST 800-53, FIPS and/or FedRAMP.</li>\n<li>Applicants must be a U.S. citizen in compliance with federal contract requirements.</li>\n</ul>\n<p><br></p>\n<p><span style=\"font-weight: bold\">Beneficial to have:</span></p>\n<p><br></p>\n<ul>\n<li>Industry recognized certifications.</li>\n<li>Experience with Interactive Application Security Testing (IAST) tools and capabilities.</li>\n<li>Experience with HackerOne.</li>\n<li>Experience with Selenium.</li>\n<li>Experience writing bash scripts.</li>\n<li>Experience with OWASP ZAP or Burp Proxy.</li>\n</ul>\n<p><br></p>\n<p><span style=\"font-weight: bold\">Where it’s done:</span></p>\n<p><br></p>\n<ul>\n<li>Remote (Herndon, VA).</li>\n</ul>",
"compensation": null,
"departmentId": "18436",
"locationType": "1",
"seekPromoted": false,
"jobCategoryId": "18380",
"jobOpeningName": "Application Security Engineer",
"departmentLabel": "Staff",
"jobOpeningStatus": "Open",
"minimumExperience": "Experienced",
"jobOpeningShareUrl": "https://shorepointinc.bamboohr.com/careers/848",
"employmentStatusLabel": "Full-Time"
}
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/09bd59c2b889f47b66c52242b0500438f84f84a6?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/ba8a0b6d-b2b7-4f57-98e0-20909e905a41JSONGET https://api.bluedoor.sh/job-postings/v1/sources/8f3b3eb9-ce20-4a59-8d89-dc4f1c2bfd80JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/09bd59c2b889f47b66c52242b0500438f84f84a6/eventsJSON