Web Developer Security Engineer

Job Description

Job DescriptionSalary: $110,000 - $135,000

ORGANIZATIONAL BACKGROUND

Established in August 2016, Basecamp Consulting and Solutions is a dynamic Information Technology (IT) consulting firm committed to delivering results for our clients. Specializing in next-generation IT and digital transformation solutions, Basecamp Consulting and Solutions is dedicated to helping clients achieve success through trust, innovation, quality work, and a steadfast commitment to results.

At Basecamp, we believe in the power of emerging technologies to propel our clients toward their goals. Our focus lies in business and IT modernization, utilizing Cloud solutions, cybersecurity, and cutting-edge application development. We pride ourselves on a team of talented professionals who are passionate about supporting our clients on their journey towards innovative outcomes.

Basecamp Consulting and Solutions is dedicated to pushing the boundaries of IT consulting and we are equally committed to embodying these principles in every facet of our work.

POSITION OVERVIEW

Reporting to the Program Manager, the Web Developer Embeds security across the SDLC for mission-critical web apps, APIs, and sensitive data. Identifies/remediates vulnerabilities, logic flaws, insecure dependencies, and misconfigurations; drives end-to-end vulnerability lifecycle with threat modeling and validation; advises on secure design patterns and protocols; analyzes web/app logs forIoCs; builds automation for threat-intel integration and incident response; deploys/tunes WAF and FIM; ensures NIST 800-53 / FISMA / FedRAMP compliance and supports audits and authorization.

REQUIRED QUALIFICATIONS

• Ability to obtain a Federal Security Clearance
• Hands-on secure software dev, DevSecOps automation, vulnerability remediation
• Log analysis, FIM, WAF management
• 3+ Web AppSec / AppSec Engineering / SSDLC
• Modern web tech incl. .NET (C# MVC, WCF), HTML5, CSS3, JavaScript, REST APIs, SQL;
• AI-assisted dev tools (Copilot, OpenAI API/Codex) + scripting (Python, JS/Node.js, Java, React.js, TypeScript);
• OWASP Top 10 & secure coding; WAF and FIM deploy/tune;
• Security testing tools (Wireshark, SIEM, IDS/IPS, NDR, EDR); risk assessment;
• DevSecOps CI/CD security gates; security metrics & compliance reporting;
• Tier II security ops support.

Preferred:Federal framework authorization (NIST 800-53/FISMA/FedRAMP); threat modeling; CI/CD security gate automation; AWS & container security (Docker, Kubernetes).

Education:Bachelor's+ (CS/Cyber/IS/Engineering/related).

Credentials (current):one ormore of AppSec: CSSLP / GWEB / CASE; Offensive: OSWE / OSCP; Foundational: Security+ / GSEC.