Overview
On Site
150k - 165k
Full Time
Skills
Web development
Tier 3
IT infrastructure
Cloud computing
Software development
Supply chain management
Log analysis
Web applications
Security audit
Web security
Application development
C#
ASP.NET
Software security
Design
C
Documentation
Software deployment
Distribution
National Institute of Standards and Technology
OWASP
Collaboration
Specification
Technical drafting
Management
Firewall
TLS
HTTPS
Authentication
STIG
APL
Microsoft
.NET
Amazon Web Services
SAP BASIS
Job Details
Security Engineer Tier 3
This company is an IT Infrastructure Solutions Company dedicated to constructing, safeguarding, and bolstering our clients' vital enterprises. Our offerings encompass a unique blend of design, integration, and implementation services, alongside fully managed service options.
The company is located in the D.C. Metro Area and will remain 100% remote.
What You Will Be Doing:
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.
This company is an IT Infrastructure Solutions Company dedicated to constructing, safeguarding, and bolstering our clients' vital enterprises. Our offerings encompass a unique blend of design, integration, and implementation services, alongside fully managed service options.
The company is located in the D.C. Metro Area and will remain 100% remote.
What You Will Be Doing:
- Your role would involve aiding in the establishment, enhancement, documentation, and execution of security development and deployment protocols for a product distributed both on-premises and via cloud services.
- This entails assessing and distributing insights and recommendations sourced from authorities like NIST, OWASP, MITRE, and other reputable outlets of security knowledge and standards.
- Furthermore, you'll collaborate with the development team to integrate these security measures and practices into the software development lifecycle, providing direction and specifications for on-premises product deployment, and ensuring the establishment of a secure environment for our forthcoming cloud-based solution.
- Proficiency in maintaining a secure software supply chain (such as CVE monitoring, SBOM creation, etc.)
- Proficient in assessing security best practices and implementing them across processes and assets.
- Skilled in code and architecture review to pinpoint potential security vulnerabilities.
- Proficient in drafting internal documentation concerning security assessments and determinations.
- Competent in managing security monitoring infrastructure (including log analysis, web application firewalls).
- A minimum of 8 years of experience.
- Experience in crafting infrastructural code to uphold security objectives (utilizing abstractions, constraints, etc.)
- Experience collaborating with developers to facilitate their understanding and independent application of secure development principles.
- Knowledge of government/industry security audit procedures.
- Proficiency in web security concepts and best practices (including TLS/HTTPS, common web vulnerabilities, federated authentication, etc.)
- Specialized knowledge of government initiatives related to secure application development (such as STIGs, APL, NIAP).
- Direct expertise in utilizing the Microsoft web application development stack (including C#, .NET, ASP.NET).
- Direct exposure to AWS security tools and practices.
- Proficiency in utilizing static application security analysis tools.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.