Software Security Engineer

Software Security Engineer

Arlington, VA - hybrid

US citizenship required per government contract

Must be able to obtain DHS Public Trust

The overall responsibility of the Software Security Engineer is to implement, test, and operate advanced software security techniques in compliance with technical reference architecture.

Key responsibilities of the Software Security Engineer include:

• Performing on-going security testing and code review to improve software security.

• Troubleshooting and debugging issues that arise.

• Providing engineering designs for new software solutions to help mitigate security vulnerabilities.

• Contributing to all levels of the architecture.

• Maintaining technical documentation.

• Consulting team members on secure coding practices.

• Developing and maintaining familiarity with new tools and best practices.

• Engineering and implementing DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC).

Required Education, Experience, and Skills:

• Bachelor's degree in science, technology, engineering, and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; OR No Bachelor's Degree with eleven (11) or more years of IT security (Cybersecurity) experience.

• Excellent communication skills, both verbal and written

• Agile development experience

• Excellent active listening skills

• Ability to discuss technical issues with non-technical, executive-level government officials

Preferred Education, Experience, and Skills:

Certifications:

• Certified Information Systems Security Professional (CISSP), or Certified Secure Software Lifecycle Professional (CSSLP) Certification, or Certified Application Security Engineer (CASE) Certification.

• AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional.

Experience:

• 5 or more years of technical leadership

• With DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation.

• With Systems Engineering processes and milestones; understanding of the requirements analysis, decomposition, and allocation process.

• Performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series.

Ref: (ALTA IT)

System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.