The Missile Defense Agency (MDA) is looking to solve cybersecurity evaluation and penetration testing problems for software applications, including identifying vulnerabilities, security gaps, and compliance risks.
Requirements
- Experience with secure coding practices and software vulnerability assessment tools (e.g., Nessus, Burp Suite, Fortify, SonarQube).
- Familiarity with secure software development lifecycle (SSDLC) methodologies.
- Strong knowledge of encryption protocols, authentication mechanisms, and network security.
- Experience conducting cybersecurity assessments in DoD or government environments.
- Understanding of container security and DevSecOps principles.
- Familiarity with threat modeling, risk assessment frameworks, and security controls testing.
- Knowledge of cloud security best practices (AWS, Azure, GovCloud).
Responsibilities
- Conduct cyber evaluations of software applications, identifying vulnerabilities, security gaps, and compliance risks.
- Perform static and dynamic analysis of software code to detect security flaws, backdoors, and other vulnerabilities.
- Test applications for compliance with DoD cybersecurity frameworks, including NIST 800-53, RMF, and STIGs.
- Perform penetration testing and vulnerability assessments on government software systems.
- Assist in the identification and mitigation of application-level vulnerabilities.
- Document findings, create security reports, and provide actionable recommendations for remediation.
- Assist in the development of secure coding practices and software security guidelines.
Other
- Must have 6 or more years of general (full-time) work experience
- Must have 1 or more years of experience working in a management or leadership role
- Must have an active DoD Secret Security Clearance
- Travel Required: Up to 10% of the time
- Must have a Bachelor’s degree (or higher) in Cybersecurity, Computer Science, or a related field