Application Cybersecurity Software Engineer - Military veterans preferred

2020-06-20
Kellogg Brown & Root (www.kbrjobs.com)
Other

/yr

  full-time   employee


Niceville
Florida
32588
United States

Title:

Application Cybersecurity Software Engineer

Application Security Software Engineer

ABOUT THIS POSITION

The successful candidate will be part of the KBR team supporting the Test Resource Management Center’s (TRMC) Test and Training Enabling Architecture (TENA) and Joint Mission Environment Testing Capability JMETC User Support and Cybersecurity Teams. The successful candidate will be assigned Cybersecurity software analysis tasks in support of the development and maintenance of JMETC and other TENA-based Software Applications. Other duties include: documenting, managing configuration, testing, and bug fixing involved in creating, maintaining and hardening applications and frameworks involved within an agile software release life cycle and resulting in a software product. The successful candidate will be expected to utilize the TENA Framework and Build System and follow processes that ensure high quality and cybersecure software is delivered to our government customer.

Job Duties:

  • We are looking for an Application Security Engineer to integrate security at every phase of the software development life cycle by working closely with developers to ensure applications are secure from inception through release.
  • The Application Security Engineer role is intended to help developers create hardened applications to ensure the best in class security for TRMC customers.
  • The Application Security Engineer is expected to have experience with many different coding languages and software analysis tools, such as Fortify, Coverity, etc.
  • The Application Security Engineer is expected to scan code from the program through Fortify and be able to make recommendations to developers for fix, analyze results, print reports at the developer and senior management level.
  • The application Security Engineer is expected to be an integral part of the Software Assurance Program and Risk Management Framework Assessment Only program within TRMC.
  • The Application Security Engineer will be DoD 8570-01M Certified as an IASAE II
  • The Application Security Engineer is expected to provide guidance in development best practices, support in software architecture and design, and configuration hardening.
  • Conduct software security vulnerability analysis and risk assessments in support of RMF Assessments for all of TRMC
  • Design Public Key Infrastructure (PKI) into software platforms (includes use of certification authorities (CAs) while adhering to industry standards)
  • Work with Cybersecurity and Development teams to improve software security through activities including: vulnerability testing, investigation, reporting and mitigation of incidents, patch management and maintenance, vulnerability tracking, setup and review of output from security tools including software code analysis tools
  • Test and validate security and quality of code using Fortify and other Software Analysis tools
  • Draft technical documentation pertaining to software code analysis
  • Serve as a technical security consultant to the development team
  • Manage and track vulnerabilities associated with Open Sour Source Software used
  • Communicate with the security and development teams to follow up on software security related issues.
  • Conduct risk and vulnerability assessments at the application level
  • Research, evaluate, and recommend new security tools, techniques, and technologies
  • Prepare security reports at the technical and executive levels
  • Act as a liaison between the Cybersecurity Team and the Development Team

Required Skills:

  • Expertise with all aspects of secure application development
  • Bachelors Degree with 8+ years experience
  • Expertise in software testing tools (Testing and Validation)
  • Expertise in software analysis and risk assessments regarding software security

Scheduled Weekly Hours:

40

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

KBR is a global provider of differentiated professional services and technologies across the asset and program lifecycle within the Government Solutions and Energy sectors. KBR employs approximately 38,000 people worldwide (including our joint ventures), with customers in more than 80 countries, and operations in 40 countries, across three synergistic global businesses:

Government Solutions , serving government customers globally, including capabilities that cover the full lifecycle of defense, space, aviation and other government programs and missions from research and development, through systems engineering, test and evaluation, program management, to operations, maintenance, and field logistics

Technology Solutions , featuring proprietary technology, equipment, catalysts, digital solutions and related technical services for the monetization of hydrocarbons, including refining, petrochemicals, ammonia and specialty chemicals, as well as inorganics

Energy Solutions , including onshore oil and gas; LNG (liquefaction and regasification)/GTL; oil refining; petrochemicals; chemicals; fertilizers; differentiated EPC; maintenance services (Brown & Root Industrial Services); offshore oil and gas (shallow-water, deep-water, subsea); floating solutions (FPU, FPSO, FLNG & FSRU); program management and consulting services

KBR is proud to work with its customers across the globe to provide technology, value-added services, integrated EPC delivery and long term operations and maintenance services to ensure consistent delivery with predictable results. At KBR, We Deliver .