Security Engineer Visa Sponsorship Jobs in Virginia

INTRODUCTION

Led by an experienced management team and supported by a strong investor group, including large and experienced institutions and strategic partners, EdgeConneX offers a dynamic, fast-paced work environment where we are bringing flexibility, proximity, power, and connectivity to some of the world’s key businesses. With major offices in Herndon, Denver, and Amsterdam, we have a global footprint and a unified team of employees committed to providing a premier customer experience and delivering the full spectrum of data center solutions, from core to edge, like no other data center provider can do. Focused on driving innovation and helping our customers define and deliver their own unique vision for the Edge, at any scale, in any market worldwide, for any requirement, we are building tomorrow’s data center infrastructure, today for some of the world’s most demanding Network, Content, and Cloud customers.

ROLE AND RESPONSIBILITIES

EdgeConneX is seeking a skilled and experienced Application Security Engineer to join our team. The ideal candidate will have at least five years of hands-on experience in application security, a bachelor’s degree or higher in Computer Science or a related field, strong knowledge of secure coding practices and relevant professional certifications. You will be responsible for ensuring the security of our software applications throughout the development life cycle, working closely with developers, architects, and IT teams to identify, remediate, and prevent security vulnerabilities. This position reports to our Global Head of Cybersecurity and is based in Herndon, VA and provides flexibility for a hybrid onsite work schedule. There is a limited amount of travel needed for this position, but the flexibility to do so would be ideal.

Primary Responsibilities

• Conduct security assessments, code reviews, and penetration testing of web and mobile applications.
• Integrate security into all phases of the SDLC, from design through deployment.
• Perform application threat modeling, secure design reviews, and code reviews.
• Implement and manage application security testing tools (SAST, DAST, SCA, IAST).
• Collaborate with software development teams to integrate security best practices into the SDLC.
• Identify, analyze, and remediate vulnerabilities using industry-standard tools and methodologies.
• Develop and maintain security policies, standards, and guidelines for application development.
• Monitor emerging threats, vulnerabilities, and security technologies to ensure proactive protection.
• Provide guidance and training to developers on secure coding practices.
• Participate in incident response activities related to application-level threats.
• Prepare detailed security reports and documentation for stakeholders and compliance purposes.
• Support compliance and audit requirements related to application security.
• Perform Research & Development for AI Prompt Injection Attacks, Payloads for IoT devices (byte code may be required).

BASIC QUALIFICATIONS

• Bachelor’s Degree or higher in Computer Science, Information Security, or a related discipline.
• 5+ years of professional experience in application security engineering in addition to educational background and internships.
• Strong knowledge of:
• AI, web and mobile application architectures and common vulnerabilities (e.g., OWASP Top 10).
• Web application and API security.
• Authentication, authorization, and session management.
• Encryption and secure data handling.
• Experience with:
• Application security testing tools (SAST, DAST, SCA, IAST).
• CI/CD pipeline integration and DevSecOps practices.
• Cloud-native application security (AWS, Azure, or GCP).
• Hands-on experience with security tools such as Burp Suite, OWASP ZAP, SAST/DAST scanners, and similar.
• Familiarity with secure coding practices in languages such as Java, C#, Python, or JavaScript.
• Professional security certifications such as CSSLP, CISSP, CEH, GWAPT, OSCP, Cloud security certifications (AWS / Azure Security) or equivalent.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work collaboratively in a team environment and manage multiple projects simultaneously and proactive approach to improving security.
• Strong documentation and reporting skills.

PREFERRED QUALIFICATIONS

• Master’s Degree in a relevant IT field.
• Direct experience with cloud security and establishing DevSecOps practices.
• Knowledge of compliance frameworks such as PCI DSS, GDPR, or HIPAA.
• Experience with containers and Kubernetes security.
• Knowledge of Zero Trust and secure API gateways.
• Experience with bug bounty programs or red team collaboration.
• Contributions to open-source security projects or published research.
• Extensive penetration testing experience.

EdgeConneX believes inclusion – of thought, backgrounds and experiences – affects all that we do, from our employees to the solutions we deliver. Our goal is to create an environment where embracing differences helps deepen the lives and work experience of our employees, enhances our innovation and creativity, and enriches our involvement in our communities.

EdgeConneX is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin or ancestry, physical or mental disability, as well as any other category protected by applicable federal, state, or local laws.

LOCATION

Location: Herndon, VA

COMPENSATION

EdgeConneX offers a competitive benefits package. For more information on how we process your data, visit our Data Privacy Policy here.