Tech Stack

Description

You will lead software security engineering activities for modernization and O&M of custom applications, conducting secure code reviews, vulnerability assessments, and security architecture evaluations while ensuring compliance with federal security frameworks.

Requirements

• CISSP certification
• 10+ years of software security engineering experience in one or more of the following areas: Securing custom or legacy software systems, Secure coding practices, Federal security frameworks, AWS GovCloud, DevOps
• Active TS/SCI security clearance

Responsibilities

• Lead software security engineering activities for modernization and O&M of custom applications.
• Conduct secure code reviews, vulnerability assessments, and security architecture evaluations.
• Implement and enforce secure SDLC processes and automation in coordination with development teams.
• Ensure compliance with NIST RMF, FISMA, and agency security policies.
• Support risk assessments, incident response, and preparation of security documentation and ATO artifacts.