The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.Leidos has an immediate need for a Senior Software Assurance (SA) Security Engineer to join our CBP Team.
The Senior Software Assurance Security Engineer duties will include:
Qualifications: Required Skills and Education:
- Analyze user needs and software requirements to determine feasibility of design and within time and cost constraints.
- Apply coding and testing standards, security testing tools, threat modeling and conduct code reviews.
- Conduct trial runs of programs and software applications to ensure the desired information is produced and instructions are correct. Identify common coding flaws.
- Identify security issues around steady state operation and management of software.
- Incorporate security measures that must be taken when a product reaches end of life.
- Perform integrated quality assurance testing for security functionality and resiliency attacks.
- Perform secure programming and identify potential flaws in codes to mitigate vulnerabilities.
- Recognize security implications in the software acceptance phase, including completion criteria, risk acceptance, and documentation, common criteria and methods of independent testing.
- Perform penetration testing as required for new or updated applications.
- Apply defense functions (ie: encryption, access control, identity management) to reduce exploitation opportunities of supply chain vulnerabilities.
- Apply comprehensive knowledge of Information Security issues to include cloud technology, internet servers, web-enabled database application, network security, security engineering, data integrity, intrusion detection, firewalls management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signature, encryption, network security architecture and DHS Policy.
BS degree in Science, Technology, Engineering, Math or related field and 12 - 15 years of prior relevant experience with a focus on cyber security or Masters with 10 - 13 years of prior relevant experience.
Must have an active Secret Clearance.
In addition to the specific clearance requirement, all personnel supporting CBP must have a current background investigation (BI) or obtain a favorable BI before joining the program.
Must have comprehensive knowledge of Information Security issues to include: Cloud technology, Internet servers, Web-enabled database application, Data integrity, Intrusion detection, Firewalls management, Forensic and legal information security, Virtual private networks, Public key/infrastructure/digital signature, Encryption, Network security architecture.
- Experience working with application development tools, such as version control, defect tracking, build management and test management
- Prior experience with C# and/or development environments similar to Visual Studio
- Experience with Selenium or similar portable testing software for web applications preferred
- Basic understanding of relational database, stored procedures, database functions, and SQL
- Understanding of testing web services and APIs including REST, SoapUI, and/or WebAPI Desired Skills:
Network Security background and Cloud/AWS experience