Cyber Applications Engineer, Information Assurance

Job Description: • Reports to the SEAP Cyber team manager • Support the SEAP Program (SUSTAINMENT TO EXISTING APPLICATIONS PORTFOLIO). • Perform web application scanning & application security assessments. • Perform manual application testing to identify vulnerabilities or deviations from software standards. • Provide timely and detailed reports, with proofs of findings and analysis of risk. • Assist with integration of static & dynamic web application assessments into secure SLDC lifecycles • Use SharePoint and other collaboration tools to collect, monitor, and manipulate C&A documentation through the collection, review, approval, and final distribution processes. • Supports the SEAP Program and related teams in areas of Risk Management Framework (RMF) for DoD IT, DoD/Army Regulations, Incident Response, Software Assurance, and related Cyber disciplines. • Work closely with representatives from other divisions and branches (IT, Networking, etc.) to request information, provide clarification, and validate findings, evidence, and POA&M statements. • Maintain and meet deliverable schedules. Must be proactive in obtaining information from multiple internal and external teams to complete requirements on schedule. • Additional details of positions will be provided to qualified applicants. Requirements: • Minimum 2 years’ relevant experience. • Bachelor’s degree in Information Technology, Computer Science, or related field. Substantial experience in lieu of degree may be considered. • Current DoD 8570.01-M Information Assurance Technical IAT Level II (IAT II) baseline certification, such as Security+ CE. Uncertified candidates cannot be considered. • U.S. citizen with active DoD SECRET level security clearance. Uncleared candidates cannot be considered. • Development background is required. • Microsoft .NET or Java development experience required. Microsoft .NET is preferred. • Knowledge of SDLC methodologies. • Intermediate to advanced knowledge of secure code development practices and OWASP Top 10 web application security issues. • Web services development and design with integrated security engineering experience. • Requires excellent English verbal and writing skills including report generation, presentations, and technical writing. • Highly organized with the ability to independently maintain schedules and meet deadlines. • Experience with supporting assessment of IT systems compliance with Federal IT Security standards. (NIST 800-53, FISMA, etc.) • 3-7 years of web application development related work experience. • Experience performing manual and automated code review and penetration tests for complex applications. • Experience with static code scanning tools (Fortify, AppScan, etc.) • Experience with dynamic analysis tools (Burp, Zaprozy, SQLMap, BeEF, DAVtest, dirb, fierce, curl, hping, etc.) • Technical understanding of database, web server, and operating system security as well as application security in leading cloud platforms. • Knowledge of security systems and controls, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. • Understanding of data handling privacy standards to include PII and PHI. • Familiarity with DISA application security related Security Technical Implementation Guides (STIGs) and RMF implementation. • Veterans with prior Army/DoD Cybersecurity experience highly desired. Benefits: • Eleven Federal Holidays • Paid Time Off accrued each pay period • Parental Leave • Three medical plan choices with generous employer contribution • Dental and Vision Insurance • Company paid Short-Term and Long-Term Disability • Company paid Life and AD&D Insurance • 401k with competitive matching and vesting schedule • Continuing education assistance • Short Term / Long Term Disability & Life Insurance • Medical, Dependent Care and Commuter Flexible Spending Accounts • Employee Assistance Program • Wellness benefits include Calm Health app and WellHub gym subsidy (formerly GymPass) • 529 College Savings Plan • Legal Insurance • Pet Insurance