Job Title: Security Software Developer

Overview

TISTA Science and Technology is seeking a Cyber Security Developer to join our growing team in Rockville, MD.

TISTA associates enjoy above Industry Healthcare Benefits, Remote Working Options, Paid Time Off, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Tuition Reimbursement, Employee Assistance Program, Paid Holidays, Military Leave, and much more!

*Note that we are unable to sponsor work visas (including H1 transfer or F1 Visa) for this role.

Responsibilities
Work as part of cross-functional Agile and SDLC project teams Perform and manage vulnerability and penetration assessments (network, web, application) to identify control weaknesses, assess the effectiveness of existing controls and provide meaningful recommendations Manual source code review and source code scans Conduct security assessments and provide recommendations to improve security related processes and procedure Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes, and propose and take corrective action as appropriate Participate in periodic risk assessments, vulnerability scans and penetration testing of new and existing systems to identify, investigate and document security weaknesses Document Security Assessment Reports (SARs), Risk Assessment Reports (RARs), and Plans of Action and Milestones (POAMS) Identify and report Plan of Action and Milestone (POAMs) to system owners at a detail level and monitor for corrective actions Research and stay up-to-date on industry standards and any new vulnerabilities and risks Assess systems to analyze risk and report weaknesses findings Work with developers and DBAs in addressing findings Assess and review current technology infrastructure to identify key risk areas, and ensure adequate levels of controls are in place to address those risks Participate in internal and external compliance initiatives including audit requests, security reviews and other tasks associated with improving the company's security posture

Qualifications
10+ years of IT security experience Hands-on experience in agile software development process Extensive source code analysis and scanning Solid Java knowledge and historical development skills DevSecOps experience a plus Recognized IT security certification, such as a Certified Information Systems Security Manager (CISSM) or Certified Information Systems Security Professional (CISSP) Experience mitigating security risks and documenting plans of action and milestones (POAMs) Knowledge of and experience with Federal security regulations, standards, and processes including FISMA and NIST Experience with vulnerability scanners and vulnerability management tools such as Tripwire, Guardium, Nessus, etc Strong written and oral communication skills
Education:
Bachelor's Degree in related field of study
Clearance:
Ability to obtain an MBI clearance
Location:
Remote