Software Security Engineer (hybrid, W2 ONLY)
Apply NowCompany: System One Holdings, LLC
Location: Vienna, VA 22182
Description:
Software Security Engineer
Arlington, VA - hybrid
US citizenship required per government contract
Must be able to obtain DHS Public Trust
The overall responsibility of the Software Security Engineer is to implement, test, and operate advanced software security techniques in compliance with technical reference architecture.
Key responsibilities of the Software Security Engineer include:
Performing on-going security testing and code review to improve software security.
Troubleshooting and debugging issues that arise.
Providing engineering designs for new software solutions to help mitigate security vulnerabilities.
Contributing to all levels of the architecture.
Maintaining technical documentation.
Consulting team members on secure coding practices.
Developing and maintaining familiarity with new tools and best practices.
Engineering and implementing DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC).
Required Education, Experience, and Skills:
Bachelor's degree in science, technology, engineering, and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; OR No Bachelor's Degree with eleven (11) or more years of IT security (Cybersecurity) experience.
Excellent communication skills, both verbal and written
Agile development experience
Excellent active listening skills
Ability to discuss technical issues with non-technical, executive-level government officials
Preferred Education, Experience, and Skills:
Certifications:
Certified Information Systems Security Professional (CISSP), or Certified Secure Software Lifecycle Professional (CSSLP) Certification, or Certified Application Security Engineer (CASE) Certification.
AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional.
Experience:
5 or more years of technical leadership
With DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation.
With Systems Engineering processes and milestones; understanding of the requirements analysis, decomposition, and allocation process.
Performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series.
#M2
Ref: #850-Rockville (ALTA IT)
Arlington, VA - hybrid
US citizenship required per government contract
Must be able to obtain DHS Public Trust
The overall responsibility of the Software Security Engineer is to implement, test, and operate advanced software security techniques in compliance with technical reference architecture.
Key responsibilities of the Software Security Engineer include:
Performing on-going security testing and code review to improve software security.
Troubleshooting and debugging issues that arise.
Providing engineering designs for new software solutions to help mitigate security vulnerabilities.
Contributing to all levels of the architecture.
Maintaining technical documentation.
Consulting team members on secure coding practices.
Developing and maintaining familiarity with new tools and best practices.
Engineering and implementing DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC).
Required Education, Experience, and Skills:
Bachelor's degree in science, technology, engineering, and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; OR No Bachelor's Degree with eleven (11) or more years of IT security (Cybersecurity) experience.
Excellent communication skills, both verbal and written
Agile development experience
Excellent active listening skills
Ability to discuss technical issues with non-technical, executive-level government officials
Preferred Education, Experience, and Skills:
Certifications:
Certified Information Systems Security Professional (CISSP), or Certified Secure Software Lifecycle Professional (CSSLP) Certification, or Certified Application Security Engineer (CASE) Certification.
AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional.
Experience:
5 or more years of technical leadership
With DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation.
With Systems Engineering processes and milestones; understanding of the requirements analysis, decomposition, and allocation process.
Performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series.
#M2
Ref: #850-Rockville (ALTA IT)