All candidates MUST be US Citizens with the ability to obtain a federal public trust clearance.
About Nollou Technology:
Nollou Technology is a woman-owned small business dedicated to providing innovative technology solutions to federal government clients. We prioritize our employees’ well-being, foster a values-driven, family-first corporate culture, and always put our clients’ needs first. Our corporate environment is fun, relaxed, and collaborative. At Nollou Technology, we innovate for impact and strive to build a happy team that genuinely enjoys working together to transform the way our clients work.
Job Summary:
Nollou Technology is seeking a Senior Application Security Engineer to join our rapidly growing and innovative cybersecurity team. This position will play a critical role in designing, implementing, and operating our Federal client’s Static Application Security Testing (SAST) product, Veracode. The successful candidate will have prior experience with SAST tools, preferably Veracode SaaS, and excellent communication, writing, and presentation skills to lead the design and engineering efforts for the Veracode product.
Our client’s fast-paced environment requires regular video conferencing, email, and Google Chat during core business hours. The AppSec program is in its infancy and will be rolled out enterprise-wide, with the Senior AppSec Engineer leading the initiative, supported by a dedicated business analyst for documentation, training, communication, and implementation across the client’s application development teams.
Responsibilities:
- Lead the establishment of the Application Security program for our federal government client
- Stand up and configure Veracode to meet Federal client requirements and implement best practices, with the support of Veracode professional services
- Lead the implementation and integration of Veracode with 60+ FISMA systems of varying sizes
- Define implementation best practices and train teams on Veracode
- Develop roadshow slide decks and brief application development teams on Veracode and SAST best practices
- Act as a consultant providing guidance to application development teams on integrating Veracode into their CI/CD pipelines
Required Qualifications:
- Minimum of 5 years of experience in the IT security industry
- Bachelor of Science in Computer Science, Information Systems, Mathematics, Engineering, or a related degree desired. In lieu of a degree, an additional 5 years of IT security experience is acceptable.
- Regular availability for video conferencing, email, and Google Chat during core business hours of 9-5 EST
- Extensive experience with Static Application Security Testing (SAST) tools, particularly Veracode
- Proven track record of implementing and operating SAST tools in enterprise environments
- Deep understanding of application security principles and best practices
- Ability to assess, design, and implement application security programs
- Experience integrating security tools into Continuous Integration/Continuous Deployment (CI/CD) pipelines
- Knowledge of DevSecOps practices
- Demonstrated ability to lead technical projects
- Experience in training and mentoring development teams on security best practices
- Ability to create and deliver presentations, training materials, and documentation
- Strong interpersonal skills to effectively collaborate with clients and internal teams
- Capability to conduct security assessments and provide actionable recommendations
- Experience working with security vendors and managing professional services engagements
Preferred Qualifications:
- Experience with integrating security tools into CI/CD pipelines
- Familiarity with FISMA compliance requirements
- Experience in training and presenting to technical teams
Why Join Nollou Technology?
- Be part of a values-driven, family-first corporate culture
- Enjoy a fun, relaxed, and collaborative work environment
- Engage in meaningful work that transforms the way federal clients operate
- Join a rapidly growing team with opportunities for professional development and growth
Benefits Snapshot (includes, but is not limited to)
- Medical, Dental, and Vision Coverage for Full-time Employees
- 401K Matching
- Paid Time Off
- Paid Time On – Pursue innovation
- Nollou University – Online Education and Training
- Paid for Professional Certifications
- Referral Bonuses
- Performance Based Bonuses
Salary Range
The salary range for this position is a general guideline and not a guarantee of compensation or salary. It has been benchmarked in relation to the scope of the role, market rate, and internal equity. The salary for this role is expected to be in the $120,000 - $150,000 range. Where a candidate falls within the band can be determined based on one or more of the following: skillset, experience level, achievements, education, geographic location, security clearance, involvement in corporate tasks, and other non-discriminatory factors. In addition to the base salary, this role will include benefits as described above. Nollou reserves the right to adjust the salary range, experience requirements, and position responsibilities at any time without prior notice.
Equal Employment Opportunity
Nollou Technology is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex (including pregnancy, sex stereotyping, gender identity, gender expression or transgender status), religion, age, marital status, sexual orientation, military/veteran status, physical or mental disability, genetic information/history or any other personal characteristic protected by law.
Authorization to Share Resume and Personal Information
By submitting your resume for this position, you authorize Nollou Technology to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Nollou Technology or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.