Cyber Security Developer/Tester with Security Clearance
- Recruiter
- NAIS
- Location
- Pensacola
- Salary
- Competitive
- Posted
- 16 Jul 2024
- Closes
- 04 Aug 2024
- Job Type
- Cyber Security
- Employer Sector
- Technology, IT & Telecoms
- Contract Type
- Permanent
- Hours
- Full Time
Location: Pensacola, FL Overview:
NAIS LLC is seeking an experienced Cyber Security Developer/Tester to provide services on a contract supporting a U.S. Government agency. The ideal candidate will have excellent problem–solving and communications skills as well as a previous work history of development and use of automated software testing frameworks for large scale security–critical software testing to validate that secure coding best practices are being used. This position requires a positive attitude, strong organizational skills, a drive to focus and produce results, and the ability to lead a team to meet objectives and foster strong customer relationships in a complex environment. This is a full–time salaried position with compensation to be based on experience and overall strength of the candidate. In addition to receiving a competitive salary and generous health and personal benefits, the opportunity offers the ability to enhance the selectee's skill set among a talented and technically accomplished group of colleagues. On this contract, our team will support the U.S. Government agency across the following activities: 1) Developing and execute comprehensive test automation strategies, integrating tools within DevOps pipelines to ensure robust software testing and deployment. 2) Supporting testing efforts across software, hardware, and cyber domains, adhering to agile methodologies, while providing technical expertise in Java and database programming languages to support development teams. Qualifications: • Clearance: Top Secret / SCI • Citizenship: Must be a U.S. Citizen. • Education: B.A./B.S. or M.A./M.S. degree from an accredited academic institution in a relevant field. An associate degree plus 4 years work experience may be substituted for a bachelor's degree. • Experience: 3+ years of experience required. • Preferred: Experience working in government IT and cybersecurity environments in U.S. civilian government or other federal government agencies. • One or More Certifications Required: SECO Institute – Secure Programming Foundation (S–SPF), SECO Institute – Certified Secure Software Developer (S–CSSD), ISC2 – Certified Cloud Security Professional (CCSP), ISC2 – Certified Secure Software Lifecycle Professional (CSSLP), SANS GIAC – GWEB (Certified Web Application Defender), SANS GIAC – GISP (Information Security Professional), EC–Council – Certified Application Security Engineer Java (CASE JAVA), or EC–Council – EC–Council Certified Application Security Engineer .Net (CASE .Net)
Core Duties: • Responsible for determining and developing innovative approaches for addressing cyber security risks associated with application development. • Provides application security guidance to application development teams. • Performs code review and static/dynamic analysis; identifies and addresses security issues. • Responsible for the development and use of automated software testing frameworks for large scale security–critical software testing to validate that secure coding best practices are being used. • Ensures low–level firmware/software development pushes the bounds of the originally specified intent of the hardware/software. • Resolves and mitigates vulnerabilities, design security functions, and provides evidence–based reasoning to substantiate claims for trustworthy and secure work products. • Familiarity with OWASP & SANS identified common security coding flaws, threat modeling, and automated & manual static security code analysis. • Programming experience with a primary programming language (Java, .NET or Python) and SQL and JSON; other programming experience is also beneficial (e.g. Ruby/Rails, Scala, Perl, YAML, HCL).
NAIS LLC is seeking an experienced Cyber Security Developer/Tester to provide services on a contract supporting a U.S. Government agency. The ideal candidate will have excellent problem–solving and communications skills as well as a previous work history of development and use of automated software testing frameworks for large scale security–critical software testing to validate that secure coding best practices are being used. This position requires a positive attitude, strong organizational skills, a drive to focus and produce results, and the ability to lead a team to meet objectives and foster strong customer relationships in a complex environment. This is a full–time salaried position with compensation to be based on experience and overall strength of the candidate. In addition to receiving a competitive salary and generous health and personal benefits, the opportunity offers the ability to enhance the selectee's skill set among a talented and technically accomplished group of colleagues. On this contract, our team will support the U.S. Government agency across the following activities: 1) Developing and execute comprehensive test automation strategies, integrating tools within DevOps pipelines to ensure robust software testing and deployment. 2) Supporting testing efforts across software, hardware, and cyber domains, adhering to agile methodologies, while providing technical expertise in Java and database programming languages to support development teams. Qualifications: • Clearance: Top Secret / SCI • Citizenship: Must be a U.S. Citizen. • Education: B.A./B.S. or M.A./M.S. degree from an accredited academic institution in a relevant field. An associate degree plus 4 years work experience may be substituted for a bachelor's degree. • Experience: 3+ years of experience required. • Preferred: Experience working in government IT and cybersecurity environments in U.S. civilian government or other federal government agencies. • One or More Certifications Required: SECO Institute – Secure Programming Foundation (S–SPF), SECO Institute – Certified Secure Software Developer (S–CSSD), ISC2 – Certified Cloud Security Professional (CCSP), ISC2 – Certified Secure Software Lifecycle Professional (CSSLP), SANS GIAC – GWEB (Certified Web Application Defender), SANS GIAC – GISP (Information Security Professional), EC–Council – Certified Application Security Engineer Java (CASE JAVA), or EC–Council – EC–Council Certified Application Security Engineer .Net (CASE .Net)
Core Duties: • Responsible for determining and developing innovative approaches for addressing cyber security risks associated with application development. • Provides application security guidance to application development teams. • Performs code review and static/dynamic analysis; identifies and addresses security issues. • Responsible for the development and use of automated software testing frameworks for large scale security–critical software testing to validate that secure coding best practices are being used. • Ensures low–level firmware/software development pushes the bounds of the originally specified intent of the hardware/software. • Resolves and mitigates vulnerabilities, design security functions, and provides evidence–based reasoning to substantiate claims for trustworthy and secure work products. • Familiarity with OWASP & SANS identified common security coding flaws, threat modeling, and automated & manual static security code analysis. • Programming experience with a primary programming language (Java, .NET or Python) and SQL and JSON; other programming experience is also beneficial (e.g. Ruby/Rails, Scala, Perl, YAML, HCL).