Jobs at Loch Harbour Group (Now Hiring) — 6 open

Web Developer Security Engineer

Washington, District of Columbia, United States · On-site

$160k–$190k/yr

Mid level

Description We are seeking a highly skilled Web Developer Security Engineer to support the design, development, implementation, and maintenance of secure web applications and cybersecurity solutions. The ideal candidate …

Skills: Application Security, Secure Software Development Lifecycle, DevSecOps, Vulnerability Remediation, OWASP Top 10

Loch Harbour Group

Technical Editor Subject Matter Expert (SME)

Washington, District of Columbia, United States · On-site

$85k–$100k/yr

Senior

Description Loch Harbour Group is seeking a Technical Editor SME to provide editorial quality assurance for communications, technical, and stakeholder-facing products. The role ensures content is accurate, clear, consist…

Skills: Technical Editing, Quality Assurance, Content Strategy, Section 508 Compliance, Editorial Judgment

Loch Harbour Group

Databricks Engineer (Databricks / Qlik / Python) | Active Secret Clearance Required

San Diego, California, United States · Remote OK

$150k–$200k/yr

Senior+

Description Loch Harbour Group is seeking a Senior Databricks Engineer to support a high-visibility, mission-critical environment within the Navy. This role operates at the intersection of data engineering, solution arch…

Skills: Databricks, Qlik Sense, QlikView, Python, SQL

Loch Harbour Group

Senior Writer & Media Coordinator (Writer SME)

Washi, Sichuan, China · Hybrid

$120k–$140k/yr

Senior+

Description Loch Harbour Group is seeking a Senior Writer & Media Coordinator (Writer SME) to provide senior-level writing, storytelling, editorial, and media outreach support for communications and stakeholder engagemen…

Skills: Technical Writing, Storytelling, Editorial Coordination, Media Outreach, Stakeholder Engagement

Loch Harbour Group

Social Media Specialist – Digital Engagement & Analytics

Washington, District of Columbia, United States · Remote OK

$80k–$90k/yr

Senior

Description Loch Harbour Group is seeking a Social Media Specialist to develop and execute social media strategies, content, campaigns, and analytics activities that increase awareness, engagement, and stakeholder partic…

Skills: Social Media Strategy, Content Creation, Digital Analytics, LinkedIn Strategy, Campaign Management

Loch Harbour Group

Material Control Technician (Onsite)

Aurora, Colorado, United States · On-site

Mid level

Description Loch Harbour Group is seeking a Material Control Technician to support logistics, supply chain management, and inventory control functions. This role will be responsible for tracking materials, maintaining in…

Skills: Logistics, Supply Chain Management, Inventory Control, MS Office, Excel

Web Developer Security Engineer

Loch Harbour Group

Washington, District of Columbia, United States • On-site

Apply

Mid level

Tired of cold applications?

Sign up with Clera and we'll reach out the moment a role actually fits you — no more spraying applications into the void.

$160k–$190k/yr
Full-time
bachelor degree, professional certificate
Competitive salaries, Paid time off, Health insurance, Dental insurance, Vision insurance, Short term disability
Posted 3d ago
~40 hrs/week

Responsibilities

Design and maintain secure web applications while integrating security throughout the software development lifecycle. Implement DevSecOps automation, perform vulnerability assessments, and ensure compliance with Federal cybersecurity frameworks.

Requirements

Requires at least three years of experience in AppSec or SSDLC and proficiency in modern web technologies and security tools. Must be a U.S. citizen eligible for Public Trust clearance and hold specific security certifications.

Full job description

Description

We are seeking a highly skilled Web Developer Security Engineer to support the design, development, implementation, and maintenance of secure web applications and cybersecurity solutions. The ideal candidate will possess deep expertise in Application Security (AppSec), Secure Software Development Lifecycle (SSDLC), DevSecOps automation, vulnerability remediation, and Federal cybersecurity compliance frameworks. This role requires a proactive security mindset and the ability to integrate security throughout the software development lifecycle while supporting mission-critical systems.

Key Responsibilities:

Secure Software Development & Application Security

Design, develop, and maintain secure web applications utilizing modern web technologies and frameworks including .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, and SQL.
Implement Secure Software Development Lifecycle (SSDLC) practices and secure coding standards.
Conduct application security reviews, threat modeling, risk assessments, and vulnerability remediation activities.
Ensure compliance with Open Worldwide Application Security Project (OWASP) Top 10 guidelines and industry security best practices.
Leverage AI-assisted development tools such as GitHub Copilot, OpenAI APIs, and automation frameworks to improve security monitoring, code quality, and compliance auditing.

DevSecOps & Security Automation

Implement and maintain DevSecOps processes within CI/CD pipelines.
Automate security testing, vulnerability scanning, compliance validation, and security gate enforcement throughout the development lifecycle.
Develop scripts and automation solutions using Python, JavaScript/Node.js, Java, React.js, and TypeScript.
Collaborate with development, operations, and cybersecurity teams to ensure secure software deployment and operations.

Security Monitoring & Incident Response

Perform log analysis, security monitoring, and forensic investigations.
Configure and maintain File Integrity Monitoring (FIM) solutions to detect unauthorized changes to web content and critical system files.
Deploy, tune, and manage Web Application Firewalls (WAFs) to protect custom-developed applications against evolving cyber threats.
Support Tier II security operations and provide recommendations for continuous security improvements.

Cybersecurity Compliance & Risk Management

Perform risk assessments and analyze cyber threats affecting enterprise applications and infrastructure.
Develop security metrics, compliance reporting, and audit documentation.
Support Federal cybersecurity compliance efforts including:
- NIST SP 800-53
- FISMA
- FedRAMP
Evaluate, recommend, and implement security controls for web, cloud, and mobile device solutions.

Cloud & Infrastructure Security

Implement security controls for cloud environments, including AWS.
Secure containerized environments using Docker and Kubernetes.
Support security operations through the use of SIEM, IDS/IPS, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), and related cybersecurity technologies.

Requirements

Required Qualifications:

Minimum of three (3) years of experience in Web Application Security, Application Security Engineering (AppSec), or Secure Software Development Lifecycle (SSDLC).
Extensive hands-on experience in:
- Secure software development
- DevSecOps automation
- Vulnerability assessment and remediation
Experience developing web applications using modern technologies and frameworks, including:
- .NET (C# MVC, WCF)
- HTML5
- CSS3
- JavaScript
- REST APIs
- SQL
Proficiency in:
- Log analysis
- File Integrity Monitoring (FIM)
- Web Application Firewall (WAF) administration and management
Strong understanding of:
- OWASP Top 10
- Secure coding standards
- Web application vulnerability mitigation techniques
Experience deploying, configuring, tuning, and maintaining Web Application Firewall (WAF) solutions for custom-developed web applications.
Experience configuring and managing File Integrity Monitoring (FIM) solutions to detect and alert on unauthorized changes to web content and critical files.
Ability to leverage AI-assisted development tools (e.g., GitHub Copilot, OpenAI API/Codex) and scripting languages such as:
- Python
- JavaScript/Node.js
- Java
- React.js
- TypeScript
Familiarity with security monitoring and testing tools, including:
- Wireshark
- SIEM platforms
- IDS/IPS
- Network Detection and Response (NDR)
- Endpoint Detection and Response (EDR)
Ability to:
- Perform risk assessments
- Analyze cybersecurity threats
- Develop remediation recommendations for enterprise systems and applications
Proven experience implementing DevSecOps principles and integrating security controls throughout CI/CD pipelines.
Experience developing security metrics, managing compliance reporting, and auditing systems against established security baselines.
Experience evaluating, recommending, and implementing security controls for mobile devices and mobile web applications.
Experience providing Tier II security operations support and recommending continuous security improvements for existing infrastructure.
Demonstrated ability to work independently and collaboratively within cross-functional teams.

Desired Qualifications

Experience supporting enterprise security operations in complex Federal or regulated environments.
Experience automating security monitoring, compliance validation, and audit activities.
Strong analytical, troubleshooting, and problem-solving skills with the ability to address emerging cybersecurity threats.

Education

Bachelor's degree or higher in Computer Science, Cybersecurity, Information Systems, Engineering, or a related technical field.

Security Requirement

U.S. Citizenship required.
Must be eligible to obtain and maintain a Tier 2 Public Trust clearance

Candidates must possess current certifications from one or more of the following categories:

Specialized Application Security Certifications

Certified Secure Software Lifecycle Professional (CSSLP)
GIAC Certified Web Application Defender (GWEB)
EC-Council Certified Application Security Engineer (CASE)

Offensive Security Certifications

OffSec Web Expert (OSWE)
Offensive Security Certified Professional (OSCP)

Foundational Security Certifications

CompTIA Security+
GIAC Security Essentials (GSEC)

Certification Requirements

Certifications (or equivalent predecessor certifications) must have been maintained and professionally utilized for a minimum of five (5) years.
Expired certifications will not be considered.
Certifications that have not been applied in a professional work environment will not be considered.

Preferred Qualifications

In-depth experience supporting Federal cybersecurity compliance and authorization frameworks, including:
- NIST SP 800-53
- FISMA
- FedRAMP
Proven experience in:
- Threat modeling
- Cybersecurity risk assessments
- Security architecture design
- Development of resilient and secure enterprise systems
Advanced experience implementing DevSecOps practices, including:
- Integrating security controls throughout the software development lifecycle
- Securing CI/CD pipelines
- Automating security testing and security gate enforcement
Knowledge of cloud security principles and best practices, particularly within AWS environments.
Experience securing and managing containerized environments using:
- Docker
- Kubernetes

About Loch Harbour Group

Loch Harbour Group is a Service-Disabled Veteran-Owned Small Business founded in 1995. We hold CMMI Service Maturity Level 3, ISO 9001:2015, ISO/IEC 27001:2022, and ISO/IEC 20000-1:2018 certifications, and serve federal customers across DoD, homeland security, and civilian agencies. LHG is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, national origin, age, disability, veteran status, or any other protected status.

Company Highlights:

At LHG, we offer our employees a full comprehensive and competitive benefits package. Our benefits package features:

Competitive salaries
Paid time off
Health, dental and vision insurance
Company paid short/long term disability
Company paid Life and Accidental Death & Dismemberment insurance
401(k) (up to 5% matching)
Flexible Spending Accounts (FSA)
Other company perks

The Loch Harbour Group is an equal opportunity employer, all interested qualified applicants are encouraged to apply, D/M/V/F. LHG welcomes and encourages diversity in the workforce.

Related keywords

AppSecSSDLCDevSecOpsOWASPC#MVCWCFHTML5CSS3REST APIsNode.jsJavaReact.jsTypeScriptGitHub CopilotOpenAI API

About Loch Harbour Group

LinkedIn Visit site

To learn more about Loch Harbour Group visit https://lochharbour.com/who-we-are/

Industry: IT Services and IT Consulting
Company size: 51-200 employees
Headquarters: *
LinkedIn followers: 1,216

The Loch Harbour Group (LHG) is a Certified Service Disabled Veteran-Owned Small Business. For nearly two decades, we have provided versatile, multifaceted professional services to government and private sector clients. LHG draws on many decades of accumulated experience within its organization and key contacts across the Department of Defense, Department of Homeland Security, Veterans Affairs as well as the private sector.

Offices: *, *, 22312, US · 3060 Williams Dr, Suite 510, Fairfax, Virginia 22031, US

Information Technology ServicesStrategic PlanningProgram/Project Management Supportand Acquisitions ManagementInformation Technology

View all jobs at Loch Harbour Group

About Loch Harbour Group

LinkedIn Visit site

To learn more about Loch Harbour Group visit https://lochharbour.com/who-we-are/

Industry: IT Services and IT Consulting
Company size: 51-200 employees
Headquarters: *
LinkedIn followers: 1,216

Offices: *, *, 22312, US · 3060 Williams Dr, Suite 510, Fairfax, Virginia 22031, US

Information Technology ServicesStrategic PlanningProgram/Project Management Supportand Acquisitions ManagementInformation Technology

View all jobs at Loch Harbour Group

Similar companies hiring

Capgemini (1811)Hewlett Packard Enterprise (1107)Oracle (968)PACS (890)CONA Services (722)NTT DATA North America (620)Verizon (550)Mastercard (518)KBR, Inc. (516)VOIS (490)Duke Health Technology Solutions (420)Virginia Information Technologies Agency (411)

·Dashboard

Jobs at Loch Harbour Group (Now Hiring) — 6 open

Loch Harbour Group

Web Developer Security Engineer

Washington, District of Columbia, United States · On-site

$160k–$190k/yr

Mid level

Skills: Application Security, Secure Software Development Lifecycle, DevSecOps, Vulnerability Remediation, OWASP Top 10

Loch Harbour Group

Technical Editor Subject Matter Expert (SME)

Washington, District of Columbia, United States · On-site

$85k–$100k/yr

Senior

Skills: Technical Editing, Quality Assurance, Content Strategy, Section 508 Compliance, Editorial Judgment

Loch Harbour Group

Databricks Engineer (Databricks / Qlik / Python) | Active Secret Clearance Required

San Diego, California, United States · Remote OK

$150k–$200k/yr

Senior+

Skills: Databricks, Qlik Sense, QlikView, Python, SQL

Loch Harbour Group

Senior Writer & Media Coordinator (Writer SME)

Washi, Sichuan, China · Hybrid

$120k–$140k/yr

Senior+

Skills: Technical Writing, Storytelling, Editorial Coordination, Media Outreach, Stakeholder Engagement

Loch Harbour Group

Social Media Specialist – Digital Engagement & Analytics

Washington, District of Columbia, United States · Remote OK

$80k–$90k/yr

Senior

Skills: Social Media Strategy, Content Creation, Digital Analytics, LinkedIn Strategy, Campaign Management

Loch Harbour Group

Material Control Technician (Onsite)

Aurora, Colorado, United States · On-site

Mid level

Skills: Logistics, Supply Chain Management, Inventory Control, MS Office, Excel

Web Developer Security Engineer

Loch Harbour Group

Washington, District of Columbia, United States • On-site

Apply

Mid level

Tired of cold applications?

Sign up with Clera and we'll reach out the moment a role actually fits you — no more spraying applications into the void.

$160k–$190k/yr
Full-time
bachelor degree, professional certificate
Competitive salaries, Paid time off, Health insurance, Dental insurance, Vision insurance, Short term disability
Posted 3d ago
~40 hrs/week

Responsibilities

Requirements

Full job description

Description

Key Responsibilities:

Secure Software Development & Application Security

Design, develop, and maintain secure web applications utilizing modern web technologies and frameworks including .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, and SQL.
Implement Secure Software Development Lifecycle (SSDLC) practices and secure coding standards.
Conduct application security reviews, threat modeling, risk assessments, and vulnerability remediation activities.
Ensure compliance with Open Worldwide Application Security Project (OWASP) Top 10 guidelines and industry security best practices.
Leverage AI-assisted development tools such as GitHub Copilot, OpenAI APIs, and automation frameworks to improve security monitoring, code quality, and compliance auditing.

DevSecOps & Security Automation

Implement and maintain DevSecOps processes within CI/CD pipelines.
Automate security testing, vulnerability scanning, compliance validation, and security gate enforcement throughout the development lifecycle.
Develop scripts and automation solutions using Python, JavaScript/Node.js, Java, React.js, and TypeScript.
Collaborate with development, operations, and cybersecurity teams to ensure secure software deployment and operations.

Security Monitoring & Incident Response

Perform log analysis, security monitoring, and forensic investigations.
Configure and maintain File Integrity Monitoring (FIM) solutions to detect unauthorized changes to web content and critical system files.
Deploy, tune, and manage Web Application Firewalls (WAFs) to protect custom-developed applications against evolving cyber threats.
Support Tier II security operations and provide recommendations for continuous security improvements.

Cybersecurity Compliance & Risk Management

Perform risk assessments and analyze cyber threats affecting enterprise applications and infrastructure.
Develop security metrics, compliance reporting, and audit documentation.
Support Federal cybersecurity compliance efforts including:
- NIST SP 800-53
- FISMA
- FedRAMP
Evaluate, recommend, and implement security controls for web, cloud, and mobile device solutions.

Cloud & Infrastructure Security

Implement security controls for cloud environments, including AWS.
Secure containerized environments using Docker and Kubernetes.
Support security operations through the use of SIEM, IDS/IPS, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), and related cybersecurity technologies.

Requirements

Required Qualifications:

Minimum of three (3) years of experience in Web Application Security, Application Security Engineering (AppSec), or Secure Software Development Lifecycle (SSDLC).
Extensive hands-on experience in:
- Secure software development
- DevSecOps automation
- Vulnerability assessment and remediation
Experience developing web applications using modern technologies and frameworks, including:
- .NET (C# MVC, WCF)
- HTML5
- CSS3
- JavaScript
- REST APIs
- SQL
Proficiency in:
- Log analysis
- File Integrity Monitoring (FIM)
- Web Application Firewall (WAF) administration and management
Strong understanding of:
- OWASP Top 10
- Secure coding standards
- Web application vulnerability mitigation techniques
Experience deploying, configuring, tuning, and maintaining Web Application Firewall (WAF) solutions for custom-developed web applications.
Experience configuring and managing File Integrity Monitoring (FIM) solutions to detect and alert on unauthorized changes to web content and critical files.
Ability to leverage AI-assisted development tools (e.g., GitHub Copilot, OpenAI API/Codex) and scripting languages such as:
- Python
- JavaScript/Node.js
- Java
- React.js
- TypeScript
Familiarity with security monitoring and testing tools, including:
- Wireshark
- SIEM platforms
- IDS/IPS
- Network Detection and Response (NDR)
- Endpoint Detection and Response (EDR)
Ability to:
- Perform risk assessments
- Analyze cybersecurity threats
- Develop remediation recommendations for enterprise systems and applications
Proven experience implementing DevSecOps principles and integrating security controls throughout CI/CD pipelines.
Experience developing security metrics, managing compliance reporting, and auditing systems against established security baselines.
Experience evaluating, recommending, and implementing security controls for mobile devices and mobile web applications.
Experience providing Tier II security operations support and recommending continuous security improvements for existing infrastructure.
Demonstrated ability to work independently and collaboratively within cross-functional teams.

Desired Qualifications

Experience supporting enterprise security operations in complex Federal or regulated environments.
Experience automating security monitoring, compliance validation, and audit activities.
Strong analytical, troubleshooting, and problem-solving skills with the ability to address emerging cybersecurity threats.

Education

Bachelor's degree or higher in Computer Science, Cybersecurity, Information Systems, Engineering, or a related technical field.

Security Requirement

U.S. Citizenship required.
Must be eligible to obtain and maintain a Tier 2 Public Trust clearance

Candidates must possess current certifications from one or more of the following categories:

Specialized Application Security Certifications

Certified Secure Software Lifecycle Professional (CSSLP)
GIAC Certified Web Application Defender (GWEB)
EC-Council Certified Application Security Engineer (CASE)

Offensive Security Certifications

OffSec Web Expert (OSWE)
Offensive Security Certified Professional (OSCP)

Foundational Security Certifications

CompTIA Security+
GIAC Security Essentials (GSEC)

Certification Requirements

Certifications (or equivalent predecessor certifications) must have been maintained and professionally utilized for a minimum of five (5) years.
Expired certifications will not be considered.
Certifications that have not been applied in a professional work environment will not be considered.

Preferred Qualifications

In-depth experience supporting Federal cybersecurity compliance and authorization frameworks, including:
- NIST SP 800-53
- FISMA
- FedRAMP
Proven experience in:
- Threat modeling
- Cybersecurity risk assessments
- Security architecture design
- Development of resilient and secure enterprise systems
Advanced experience implementing DevSecOps practices, including:
- Integrating security controls throughout the software development lifecycle
- Securing CI/CD pipelines
- Automating security testing and security gate enforcement
Knowledge of cloud security principles and best practices, particularly within AWS environments.
Experience securing and managing containerized environments using:
- Docker
- Kubernetes

About Loch Harbour Group

Company Highlights:

At LHG, we offer our employees a full comprehensive and competitive benefits package. Our benefits package features:

Competitive salaries
Paid time off
Health, dental and vision insurance
Company paid short/long term disability
Company paid Life and Accidental Death & Dismemberment insurance
401(k) (up to 5% matching)
Flexible Spending Accounts (FSA)
Other company perks

The Loch Harbour Group is an equal opportunity employer, all interested qualified applicants are encouraged to apply, D/M/V/F. LHG welcomes and encourages diversity in the workforce.

Related keywords

AppSecSSDLCDevSecOpsOWASPC#MVCWCFHTML5CSS3REST APIsNode.jsJavaReact.jsTypeScriptGitHub CopilotOpenAI API

About Loch Harbour Group

LinkedIn Visit site

To learn more about Loch Harbour Group visit https://lochharbour.com/who-we-are/

Industry: IT Services and IT Consulting
Company size: 51-200 employees
Headquarters: *
LinkedIn followers: 1,216

Offices: *, *, 22312, US · 3060 Williams Dr, Suite 510, Fairfax, Virginia 22031, US

Information Technology ServicesStrategic PlanningProgram/Project Management Supportand Acquisitions ManagementInformation Technology

View all jobs at Loch Harbour Group

About Loch Harbour Group

LinkedIn Visit site

To learn more about Loch Harbour Group visit https://lochharbour.com/who-we-are/

Industry: IT Services and IT Consulting
Company size: 51-200 employees
Headquarters: *
LinkedIn followers: 1,216

Offices: *, *, 22312, US · 3060 Williams Dr, Suite 510, Fairfax, Virginia 22031, US

Information Technology ServicesStrategic PlanningProgram/Project Management Supportand Acquisitions ManagementInformation Technology

View all jobs at Loch Harbour Group

Jobs at Loch Harbour Group (Now Hiring) — 6 open

Web Developer Security Engineer

Technical Editor Subject Matter Expert (SME)

Databricks Engineer (Databricks / Qlik / Python) | Active Secret Clearance Required

Senior Writer & Media Coordinator (Writer SME)

Social Media Specialist – Digital Engagement & Analytics

Material Control Technician (Onsite)

Web Developer Security Engineer

Tired of cold applications?

Responsibilities

Requirements

Full job description

Key Responsibilities:

Secure Software Development & Application Security

DevSecOps & Security Automation

Security Monitoring & Incident Response

Cybersecurity Compliance & Risk Management

Cloud & Infrastructure Security

Required Qualifications:

Desired Qualifications

Security Requirement

Candidates must possess current certifications from one or more of the following categories:

Specialized Application Security Certifications

Offensive Security Certifications

Foundational Security Certifications

Certification Requirements

About Loch Harbour Group

Company Highlights:

Related keywords

About Loch Harbour Group

About Loch Harbour Group

Similar companies hiring

Tools

Explore

Company

Jobs at Loch Harbour Group (Now Hiring) — 6 open

Web Developer Security Engineer

Technical Editor Subject Matter Expert (SME)

Databricks Engineer (Databricks / Qlik / Python) | Active Secret Clearance Required

Senior Writer & Media Coordinator (Writer SME)

Social Media Specialist – Digital Engagement & Analytics

Material Control Technician (Onsite)

Web Developer Security Engineer

Tired of cold applications?

Responsibilities

Requirements

Full job description

Key Responsibilities:

Secure Software Development & Application Security

DevSecOps & Security Automation

Security Monitoring & Incident Response

Cybersecurity Compliance & Risk Management

Cloud & Infrastructure Security

Required Qualifications:

Desired Qualifications

Security Requirement

Candidates must possess current certifications from one or more of the following categories:

Specialized Application Security Certifications

Offensive Security Certifications

Foundational Security Certifications

Certification Requirements

About Loch Harbour Group

Company Highlights:

Related keywords

About Loch Harbour Group

About Loch Harbour Group

Similar companies hiring

Tools

Explore

Company