Northrop Grumman Information Systems sector is seeking a Information Assurance Engineer 4 to join our team of qualified, diverse individuals.
Where will you find innovation and technology? Right here at Northrop Grumman Corporation. The qualified applicant will support MDA IT Services Information Assurance Crew on the JRDC program located at the Missile Defense Integration and Operations Center (MDIOC) on Schriever AFB, CO. This position is contingent on Mod G to the contract.
Roles and Responsibilities:
Information Assurance Software Security Analyst to perform software code audits for the Missile Defense Agency (MDA). Will use industry best practice, DISA STIG's, and other resources as the audit criteria. Will manage a queue of requests for code audits for multiple coding languages. Will run code auditing tools on submitted software and generate comprehensive compliance reports in a timely manner. Will also be responsible for researching new technologies and evaluating products, interacting with customers to gather requirements, and offering creative solutions. Responsible for creating and presenting project designs & processes, writing documentation, and performing user training. Even though it is a team environment, the job requires an individual to be able to independently perform all aspects of software code auditing. Will oversee the output and quality of product of the code review effort.
Qualifications
Basic Qualifications:
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
- Bachelor's degree and 9 years work experience in
software development to include analysis of
software vulnerabilities and mitigation strategies
for vulnerabilities (years of experience may be
accepted in lieu of a degree)
- Experience in web application or interactive client
design & development, 2 years work experience
using Microsoft .NET 2.0 or later, and 2 years
working with SQL Server 2005/2008
- Knowledge/experience with at least one of the
following programming languages: Internet
Information Service (IIS) administration, LINQ,
MVC, WPF with MVV-M pattern design, WCF,
HTML, JavaScript, Oracle RMDBS, or ColdFusion,
classic ASP, .NET (C#, VB), Visual Basic, Perl,
Powershell, VBS
- Experience in using Fortify 360 Source Code
Analyzer
- Familiar with secure programming theory, common
software and database security vulnerabilities, and
remediation processes
- Ability to manually review code to filter out false-
positive results from automated code review
findings
- Security+ certification is required within 60 days
of hire
- Must be able to obtain a Secret Clearance
Preferred Qualifications:
Candidates with these desired skills will be given preferential consideration:
- Master's degree and 10 years work experience in
software development to include analysis of
software vulnerabilities and mitigation strategies
for vulnerabilities
- Current Microsoft Certified Professional
Developer (MCPD) certification is strongly
preferred
- At least one of the following certifications is
desired: GSEC; SCNP; SSCP; CISA; CISSP; GSE;
SCNA
- Familiarity with the MDA and BMDS programs
- Familiar with DISA STIG compliance rules and
regulations
- Position prefers a candidate with a current Secret
Clearance
Northrop Grumman Corporation is a leading global security company providing innovative systems, products, and solutions in aerospace, electronics, information systems and technical services to government and commercial customers worldwide.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.
|
|
|
||
|---|---|---|---|
|
|
|
|