SkyePoint Decisions, Inc.

  • Security Engineer

    Job Location US-VA-McLean
    ID
    2019-1715
    Job Type
    Immediate Hire
    Category
    Information Technology
  • Overview

    SkyePoint Decisions, Inc. is seeking a highly-motivated team member to fill the role of a Security Engineer to join our team of qualified, diverse individuals. The qualified applicant will become part of Northrop Grumman's Department of State (DOS) Consular Systems Modernization (CSM) Program, for the Bureau of Consular Affairs (CA). This initiative is intended to modernize and consolidate the operational environment under a common technology framework in order to better support the services provided to CA’s customers.

     

    As part of the modernization program, the security engineer will be responsible for developing security-based solutions that meet the security criteria of the CSM program and DOS.

    Responsibilities

    • Analyze and review complex system requirements from a security perspective
    • Defining the program's security requirements
    • Review existing solutions, system architectures and software systems, and assist recommending refinements to improve security and enhance the overall security posture
    • Perform Risk Assessments including vulnerability scans, penetration tests (incl. social engineering), 3rd Party (e.g., vendor) risk assessment, and data-centric risk assessment
    • Complete Threat Intelligence including internal, external, online threat information sources and indicators of compromise
    • Perform Security Operations including vulnerability management, data loss/leakage prevention, and incident response
    • Provide Security Engineering including security architecture, secure software development, and cryptography
    • Integrate and support the integration of security into DevOps (DevSecOps) and CI/CD processes
    • Perform static and dynamic analysis of software applications including code reviews (Java, .Net, etc.)
    • Install/Configure and use tools such as CAST, HP Fortify SSC and SCA, and SonarQube to support white box security assessments for application source code
    • Perform intensive analysis of application/platform access control data structures and articulate security requirements 
    • Support cloud-based Identity and Access Management (IAM) and Federated Identity Management (FIM) solutions including trust boundary establishment, identity providers, role definition, security policies, user provisioning, single-sign-on (SSO), and federated identification using SAML, OAuth, or OpenID.

    Qualifications

    • Experience supporting security engineering for medium to large enterprise software application development projects using the SAFe Agile methodology
    • Experience with application security and tools supporting white box security assessments
    • Experience providing security engineering for projects following DevSecOps principles and automated CI/CD pipelines
    • Strong coding skills (Python, Ruby, Java, C#, or Javascript)
    • Working knowledge of network and web protocols (TCP/IP, UDP, IPSEC, HTTP/S and BGP)
    • Strong understanding of system architecture and strategies to improve security for architectural components, including routers, firewalls, load balancers, web servers, networks, databases, applications, and endpoints
    • Working knowledge of current security threats and mitigation strategies
    • Strong understanding of web service technologies (XML, JSON, SOAP, and REST)
    • Excellent communication skills, both verbally and in writing

     

    Preferred Qualifications: 

    • Experience in enterprise software system modernization efforts
    • Experience in cloud-based environments including the development of software that supports architectures that involve public/hybrid clouds
    • Experience with DevSecOps principles and automated CI/CD pipelines
    • Experience with cloud-based Identity and Access Management (IAM) and Federated Identity Management (FIM) solutions for multiple IT systems and/or organizations
    • Experience with supporting high volume, highly available, and secure software systems
    • Experience developing solutions in an incremental manner using the SAFe Agile methodology

     

    SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customer’s technology and mission requirements to successfully deliver high quality, cost effective services on time and on budget.

     

    SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It’s what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customer’s operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to successfully and securely complete any mission – anytime, anywhere.

     

    SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed