Web Developer Security Engineer

B

Basecamp Consulting & Solutions LLC

Web Developer Security Engineer

Washington, DC
Full Time
Paid
  • Responsibilities

    Benefits:

    401(k) matching

    Bonus based on performance

    Competitive salary

    Dental insurance

    Health insurance

    Paid time off

    Parental leave

    Training & development

    Vision insurance

    ORGANIZATIONAL BACKGROUND

    Established in August 2016, Basecamp Consulting and Solutions is a dynamic Information Technology (IT) consulting firm committed to delivering results for our clients. Specializing in next-generation IT and digital transformation solutions, Basecamp Consulting and Solutions is dedicated to helping clients achieve success through trust, innovation, quality work, and a steadfast commitment to results.

    At Basecamp, we believe in the power of emerging technologies to propel our clients toward their goals. Our focus lies in business and IT modernization, utilizing Cloud solutions, cybersecurity, and cutting-edge application development. We pride ourselves on a team of talented professionals who are passionate about supporting our clients on their journey towards innovative outcomes.

    Basecamp Consulting and Solutions is dedicated to pushing the boundaries of IT consulting and we are equally committed to embodying these principles in every facet of our work.

    POSITION OVERVIEW

    Reporting to the Program Manager, the Web Developer Embeds security across the SDLC for mission-critical web apps, APIs, and sensitive data. Identifies/remediates vulnerabilities, logic flaws, insecure dependencies, and misconfigurations; drives end-to-end vulnerability lifecycle with threat modeling and validation; advises on secure design patterns and protocols; analyzes web/app logs for IoCs; builds automation for threat-intel integration and incident response; deploys/tunes WAF and FIM; ensures NIST 800-53 / FISMA / FedRAMP compliance and supports audits and authorization.

    REQUIRED QUALIFICATIONS

    Ability to obtain a Federal Security Clearance

    Hands-on secure software dev, DevSecOps automation, vulnerability remediation

    Log analysis, FIM, WAF management

    3+ Web AppSec / AppSec Engineering / SSDLC

    Modern web tech incl. .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, SQL;

    AI-assisted dev tools (Copilot, OpenAI API/Codex) + scripting (Python, JS/Node.js, Java, React.js, TypeScript);

    OWASP Top 10 & secure coding; WAF and FIM deploy/tune;

    Security testing tools (Wireshark, SIEM, IDS/IPS, NDR, EDR); risk assessment;

    DevSecOps CI/CD security gates; security metrics & compliance reporting;

    Tier II security ops support.

    Preferred: Federal framework authorization (NIST 800-53/FISMA/FedRAMP); threat modeling; CI/CD security gate automation; AWS & container security (Docker, Kubernetes).

    Education: Bachelor's+ (CS/Cyber/IS/Engineering/related).

    Credentials (current): one or more of — AppSec: CSSLP / GWEB / CASE; Offensive: OSWE / OSCP; Foundational: Security+ / GSEC.

    Flexible work from home options available.