Software Security Developer SME

Software Security Developer SME Job #1020

Clearance: Public Trust or ability to obtain

High-Level Project Summary/Intro:

Dev Technology Group is looking for a Software Security Developer Subject Matter Expert to support both Operations & Maintenance (O&M) and new development efforts for a federal government client. The ideal candidate will have relevant Cybersecurity experience strong collaboration and communication skills and the ability to manage complex work activities in a deadline-driven environment. This is a great opportunity to work on mission-critical systems that provide clear value to end users and our federal government clients.

What Youll Be Doing:

The Software Security Developer SME will be responsible for developing software applications services and systems (e.g. user-facing and back-end services). Key responsibilities of the Software Security Developer SME include:

• Managing source code using industry version-control best practices.
• Researching new techniques and technologies to stay current in software development methodologies and tools.
• Utilizing code validation tools to ensure that source code is valid is properly structured meets industry standards is secure and is compatible with browsers devices or operating systems.
• Collaborating with stakeholders to define needs and/or specifications and develop proposed solutions.
• Testing and integrating developed software applications into the operational baseline.
• Performing test-driven development utilizing strong unit testing techniques to include test cases mimicking external interfaces and addressing all browser and device types.
• Modifying or enhancing existing software to correct errors to adapt it to new hardware or to upgrade interfaces and improve performance.
• Creating technical models architectural artifacts and/or prototypes that include physical interface logical or data models (e.g. model view controller (MVC) programming practices).
• Sharing actionable/valuable information with colleagues and leadership and engaging with community as resident expert.
• Preparing reports and consulting with customers and other stakeholders to advise on technical issues provide operational support respond to questions and offer status updates.
• Developing DevOpsSec (CI/CD) pipelines and incorporating security protocols while deploying infrastructure as code (IaC)
• Supporting security control assessments.
• Identifying opportunities to refine current and/or implement new security processes to continuously improve the programs overall security posture.
• POA&M resolution support.

Required Education Experience and Skills:

• Bachelors degree in science technology engineering and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; OR No Bachelors Degree with eleven (11) or more years of IT security (Cybersecurity) experience
• Excellent communication skills both verbal and written
• Agile development experience
• Excellent active listening skills
• Ability to discuss technical issues with non-technical executive-level government officials

Preferred Education Experience and Skills:

Certifications:

• Certified Application Security Engineer (CASE) Certification or Certified Secure Software Lifecycle Professional (CSSLP) Certification.
• Certified Ethical Hacker (CEH) Certification or Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP).
• AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional.

Experience:

• DevSecOps & CI/CD: GitLab CI Jira Jenkins Docker Kubernetes Infrastructure as Code (Terraform CloudFormation) automated security scans blue-green deployments branching strategy and implementation.
• Cloud-computing: concepts capabilities and applications as they relate to storage processing and dissemination and overall security.
• Cross-Team Collaboration: Working with multi-disciplinary teams to fulfill stakeholder requirements.
• Security & Compliance: NIST FISMA CIS Benchmarks Zero Trust FedRAMP secure code reviews (SAST/DAST) incident response threat modeling vulnerability assessment IDS/IPS (Snort/Suricata)
• Cloud & Virtualization: AWS (GovCloud EC2 Lambda ECS EKS) Azure (VMs Azure DevOps) container orchestration microservices hardening
• Programming & Automation: Python Java Bash PowerShell scripted workflows data parsing security tooling
• Data & Analytics: SQL (MySQL PostgreSQL) NoSQL (MongoDB DynamoDB) Splunk ELK Stack Tableau real-time logging/monitoring
• Leadership & Collaboration: Resource management cross-functional coordination Agile/Scrum methodologies continuous improvement mentorship
• Application Programming: Building web application programming interfaces (API) using standards established in NIST SP 800-204.
• Security Controls Assessments: Performing Security Control Assessment in compliance with NIST SP 800- 37 NIST SP 800-53 NIST SP 800-53A and other NIST 800 guide series quality standards.

Who We Are

Dev Technology is a growing IT company with an employee-centric culture that works on mission-critical projects for the federal government. We partner with our federal customers to deliver technology services and solutions and to drive our clients missions forward through innovation. We use Agile and DevSecOpsprinciples to provide services including application development biometrics and identity management cloud and infrastructure optimization IT and legacy modernization and data management.

As a Washington Post Top Workplace award winner for the past TWELVE years in a row the Top Workplaces USA for the past five years and a recipient of the Companies As Responsive Employers (CARE) Award for the past six years Dev Technology employees enjoy:

• Generous and flexible time-off policy
• Flexible work schedules and telework options including remote work availability for eligible projects
• Career development opportunities including a mentorship program technical and management training through Dev University hands-on learning through DevLab tuition reimbursement and paid training opportunities
• Industry-leading benefits including a choice of two health plans that include dental and vision flexible spending account commuter benefits life insurance and more
• 401K matching with a 5% matching contribution
• Regular team and company social events including our annual party happy hours fitness challenges and more
• A focus on community engagement including company wide support activities employer match for donations and time off for volunteer efforts
• To learn more about working at Dev Technology visit Working At Dev Technology Group

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Dev Technology Group operates in the following states: AL AR AZ CO DC FL GA ID IL IN MD MA ME MI MN MO NC NJ OH OR PA SC TN TX VA WV.

SMS Terms and Privacy Notice

Dev Technology Group offers you the option to engage in SMS text conversations about your job application. By participating you also understand that message frequency may vary depending on the status of your job application and that message and data rates may apply. Please consult your carrier for further information on applicable rates and fees. Carriers are not liable for delayed or undelivered messages. Reply STOP to cancel and HELP for help. By opting-in to receiving SMS text messages about your job application you acknowledge and agree that your consent data mobile number and personal information will be collected and stored solely for the purpose of providing you with updates and information related to your job application. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.