Lead Application Software Security Engineer (1844-677)

NES Associates Fort Meade, MD
NES, a GDIT company, is searching for a Lead Application Software Security Engineer who will be responsible for performing trend analysis and providing security related recommendations based on the analysis of source code software projects; reviewing and making recommendations to revise the existing software review process; identifying and recommending additional tools that can be leveraged for deeper and more thorough analysis of test targets.

A successful candidate has an Application Security background and is expected to champion security review projects to completion; more specifically their past experience should be in line or closely follow the guidelines below:

* Experience in the key areas of writing applications in a single coding language of any sort is required

* More weight will put on a candidate with experience in Object Oriented Languages such as Java.

* Fluent in performing tasks on platforms of varying complexity from basic Windows to Linux administrative tasks

* In-depth understanding of the System Development Lifecycle and how Information Assurance integrates into the SDLC

* Experience with HP Web Inspect and Fortify 360

* Knowledge of Department of Defense (DoD) Information Assurance (IA) procedures is desired

* Experience in the Installation and Configuration of various commercial and open source products to include familiarity with various software assurance and code quality tools such as SonarQube, Maven, Eclipse IDE, Java SDK, Windows workstation configuration, Sonar-Runner, and MINGW (including Linux commands and file structure knowledge), grep and other Linux-based search tools, etc.

* Experience with analyzing vulnerabilities and performing threat analysis in the context of the assigned target with the ability to research and rule out false findings

* Hands-on experience in identifying security flaws and vulnerabilities involving complex applications

Additional Skills

* Experience in planning and leading software assurance projects across the life cycle of development, test and evaluation, deployment, and life cycle sustainment

* Ability to analyze customer problems, determine needs, and recommend a course of action to address software assurance issues

* Ability to quickly learn and adapt to new technologies, platforms, and environments as well as work effectively within small teams and collaborate with external organizations and stakeholder

* Demonstrated written and oral communication skills


IAT-II (CCNA-Security, GICSP, GSEC, Security+ CE, or SSCP)

Security Clearance

DoD Secret clearance

Similar jobs you might like