Sr. Software Security Engineer with Security Clearance

Recruiter
Innovative Defense Technologies
Location
Fall River
Salary
Competitive
Posted
03 Oct 2024
Closes
21 Oct 2024
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time
Description Background Information: Innovative Defense Technologies (IDT), is an information technology business headquartered in Arlington, VA with additional offices in Fall River, MA; Mount Laurel, NJ; and San Diego, CA. Founded in 2006, IDT designs and develops best–in–class solutions that facilitate the rapid delivery of software–based warfare capabilities for the U.S. Department of Defense. The core of our mission is to deliver disruptive innovation in support of the U.S. Armed Forces who defend our nation every day. Overview: We are looking for a driven, experienced Sr. Software Security Engineer to lead a team to design and develop security solutions for our software–as–a–service hybrid cloud platform. Our platform provides the ability for our government customers to collaboratively employ cutting edge capabilities to aid in the development and test of mission critical tactical systems in ways that were not previously possible. In addition to providing innovative and disruptive technology for our customers, our product needs to safeguard our customers' systems and data to ensure the utmost support and protection for our warfighters. This role is based out of either our Arlington, VA, Mount Laurel, NJ or Fall River, MA office. All applicants must be able to obtain/maintain an active U.S. Security Clearance. Our Tech Stack: Our tech stack is continuously evolving to meet emerging customer use cases and keep pace with industry. Backend services are typically written in Java with PostgreSQL persistence. User interfaces are written in Typescript using React and Redux and packaged with Webpack. REST serves as our primary data transport protocol for both backend and frontend interfaces. Code is configuration controlled in Git. Build tooling includes Maven, Gradle, and NPM, coordinated by Jenkins in an automated pipeline. Continuous deployment is employed to orchestrate software on a Kubernetes cluster in multiple environments, including in the cloud, on secured air–gapped networks, and on tactical platforms. Responsibilities Include: Contribute to every stage of the software development lifecycle: design, code, review, test, integration, debugging, deployment, and maintenance of high performance and scalable software with a focus on security. Work with customers and cyber security analysts to understand/define customer security requirements and translate those requirements to software designs/implementations that meet their needs. Successfully decompose requirements and objectives into assignable tasks and lead a team to execute them from beginning to end, using strong organization, planning, and prioritization skills. Demonstrate excellent teamwork and communication skills to collaborate with other teams and stakeholders in a dynamic and geographically distributed team environment. Champion best practices to improve code quality, such as security testing, static analysis, and documentation. Ability to work on–site at IDT's facilities or travel to customer sites on a limited, as–needed basis Minimum Required Qualifications: Bachelor's degree in Computer Science or related technical discipline Minimum 7 years' experience in software engineering Required Skills: Experience assessing software against best practice standards and security requirements, including NIST Common Weakness Enumerations (CWEs), DISA Application Secure Development (ASD) STIG as well as the CIS Secure Software Benchmark. Practical engineering experience with Java or a similar object–oriented programming language Experience with container technologies such as Docker and Kubernetes Experience building secure, scalable, distributed service–oriented software solutions utilizing modern frameworks and design patterns. Preferred Skills: CSSLP, CSC, GCSA, GCLD, or CISSP–ISSEP certification. Strong knowledge of web protocols and standards (HTTP, REST, OAuth) and their application in a microservice architecture, especially in the context of a modern framework such as Spring. Working knowledge of developing software on Linux operating systems, especially with hands–on knowledge of networking fundamentals, protocols, and standards (TCP/IP, TLS, DNS). Experience with industry–standard DevOps tooling, such as Maven or Gradle, Jenkins, and Git. Experience with containerized software deployment and container orchestration platforms such as Kubernetes. Experience with relational databases such as PostgreSQL, particularly interfacing with a database using technologies such as JDBC, JPA, or Hibernate. Familiarity with the frontend portion of full stack development – Javascript or Typescript with modern frameworks and build systems, such as React, Redux, and Webpack. Familiarity with virtualization technologies. Experience with designing and architecting software systems that meet requirements and maintaining living documentation of system designs. Strong troubleshooting and debugging skills. Desire to identify, learn, and apply new software technologies. Competencies: Excellent verbal and written communication skills Attention to detail with high level of accuracy and confidentiality Initiative, reliability, teamwork and customer service orientation Strong organization and planning skills EEO Statement: Applicants, employees, and former employees are protected from employment discrimination based on race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability, veteran status, genetic information, or any other basis protected by federal, state, or local law.