Job ID: 2024-8611 Type: Full Time W/Benefits Ret Match # of Openings: 1 Norfolk, VA
Overview
We are looking for a skilled and motivated Security Engineer to join our team and support our federal customer. In this role, you will play a crucial part in the design, development, and maintenance of user-friendly, responsive web applications and interfaces. Your expertise in front-end technologies and experience working with federal clients will be essential in ensuring the successful delivery of high-quality software solutions that meet the specific needs and security requirements of our federal customer.
The Security Engineer is responsible for researching, identifying, designing and implementing solutions, as well as performing application security vulnerability assessments and scans to identify, evaluate and mitigate security risks, threats and vulnerabilities in AWS cloud and on-prem environments. The role is also responsible for defining and planning processes for implementing security initiatives compliant with customer-set security requirements and certifications, and for documenting and communicating all security-related configuration and guidelines for the network and cloud teams.
Responsibilities
Primary Responsibilities:
Responsible for design and automation of security scanning as part of daily integration activities to continuously assess code and remediate vulnerabilities early in the development lifecycle.
Actively involved at all phases of the development lifecycle to promote code reuse, which uses inherited preapproved Risk Management Framework (RMF) controls to achieve faster ATO
Responsible for confirming security-relevant design changes to Navy ISSMs and ISSOs for early assessment
Design and integrate custom code to generate security-relevant events for the Navy Information Security, enhancing operational monitoring
Perform evaluation, onboarding, and manual testing of DoD-approved security tools (e.g., SAST, vulnerability and open source scanning) into the Security DevOps life cycle
Define best practices in security hardening, patching, granular role-based access, system administration, and configuration
Strong working knowledge of NIST 800-37 and 800-53 requirements
Experience evaluating, documenting, and implementing security controls
Experience with Python scripting is desired
Good understanding of cloud security concepts
Qualifications
3-7 years of experience in software design and development, with 3+ years of experience working in a security role handling on-premise and cloud infrastructures
Extensive experience integrating security checks in the CI/CD pipeline alongside the development team
Extensive scanning experience and familiarity with static and dynamic code analysis
Experience and expertise in secure coding practices and threat modeling
Strong scripting skills and proficiency with the following scripting languages strongly preferred: Shell, Python, Java
Excellent communication and writing skills
Able to provide proof of US Citizenship
Active Secret Clearance
Equal employment opportunity, including veterans and individuals with disabilities.