We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.

Job posting has expired

#alert
Back to search results

Software Security Engineer, Senior

Booz Allen Hamilton
July 30, 2022
Job Number: R0145154

Software Security Engineer, Senior

Key Role:

Consult on and leads vulnerability identification, new threat exposures, and emerging security technologies relating to software security. Support clients by working with a collaborative team to assess software vulnerabilities for authorizing officials to determine if the risk is acceptable for use in the Department of Defense (DoD) arena. Work closely with developers and information assurance engineers to ensure adequate verification and validation. Analyze the security of software components using a variety of techniques. including static analysis, dynamic testing, and manual code review, and provides actionable results and potential risk to the environment. Develop procedures for consistent assessment of software components against software security objectives. Develop innovative solutions to complex problems. Make decisions independently and in a self-directed manner in support of the goals of the team and organization.

Basic Qualifications:

  • 3+ years of experience with secure software testing, review, or assessment to identify potential flaws in source code and mitigate vulnerabilities
  • 1+ years of experience with using code analysis tools and interpreting results
  • Knowledge of cybersecurity principles and methods that apply to software development, including modularization, layering, abstraction, data hiding, simplicity minimization
  • Knowledge of system and application security threats and vulnerabilities, including buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language, injections, race conditions, covert channel, replay, return-oriented attacks, malicious code
  • Knowledge of computer programming principles, programming language structure and logic, and interpreted and compiled computer languages
  • Secret Clearance
  • Bachelor's degree
  • Ability to obtain an 8570 Certification compliance, including CompTIA Security+, or ISC(2) CISSP within 6 months of hire

Additional Qualifications:

  • Experience with virtual test environments
  • Experience with determining the protection needs of information systems, networks, or software components, including risk management processes policies, requirements, and procedures
  • Experience with secure test plan design, including unit, integration, system, acceptance
  • Knowledge of secure software deployment methodologies, tools, and practices
  • Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity, including Risk Management Framework, Defense Information Systems Agency Application Security and Development Security Technical Implementation Guide
  • Knowledge of supply chain risk management standards, processes, and practices
  • Knowledge of software development models, including Waterfall Model, Spiral Model, and DevSecOps
  • Experience with operational support to the DoD
  • Top Secret clearance
  • CompTIA Security+ CE, CSSLP, or CISSP Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

(web-68d96466cf-svdh8)