Location State: Virginia
Location City: Chantilly, Herndon, McLean
Security Clearance: TS/SCI + FS Poly
Company Introduction:
United Science & Analytics is an information technology small business supporting national security missions and government transformation for defense and intelligence agency clients. We focus on the science and analytics of cloud computing, big data, and cyber security, as well as providing overall IT infrastructure support and program/project management.
Position Introduction:
United Science & Analytics has an exciting new opportunity for a talented Cyber Software Engineer/Developer to perform security vulnerability assessments that are an integral part of our independent verification and validation process.
Position Description:
- You will perform vulnerability scanning, static source code analysis, reverse engineering, penetration testing, traffic analysis, documentation, reporting and analysis requirements.
- Perform comprehensive security assessments of identified and applied security controls. Provide summaries of initial assessments in Security Assessment Reports (SAR) that address the technical evaluation and results of assessment, identify weaknesses or deficiencies, and recommend corrective actions for risk mitigation.
- Perform and assess the degree to which a system is compliant with operating system, network, and application security STIG reviews.
- Perform host and network based security control assessments, determine residual security risks, prepare assessment test reports, prepare and assess test plans, and provide formal recommendations in support of authorization.
- Review and analyze the findings that identify security issues on the system. You shall compile results and finding into a final Security Assessment Report, along with assessments and recommendations for remediation.
- Conduct testing and scanning via modern techniques and scanning tools, including manually (software and hardware) used either remotely or locally on the systems to evaluate compliance and to identify security vulnerabilities, threats, risks, and gaps. You will You will perform security vulnerability assessments that are an integral part of our independent verification and validation process. You will perform vulnerability scanning, static source code analysis, reverse engineering, penetration testing, traffic analysis, documentation, reporting and analysis requirements.
Requirements:
- US citizenship.
- Education: Bachelor Degree + 8 years of job related experience.
- Knowledge and experience in security disciplines including, but not limited to, software security, operations security, administrative security, and communications security.
- Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
- Ability to develop best practices for processes and standards that will better the system.
- Knowledge of security system design tools, methods, and techniques.
- Knowledge of known vulnerabilities from alerts, advisories, and bulletins
Desired:
- Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
- Experienced in system testing methodologies that include: Penetration testing, Configuration analysis, Security best practices validation
- Experienced in security testing and penetration tools that include: Covery, CodeSonar, Burp, Kali Linux, Metasploit, Nmap, Wireshark, Red / Blue team assessment experience.
Equal Employment Opportunity:
United Science & Analytics is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.