Job Closed
This listing is no longer active.
PingWind is CVE-certified and a service-disabled-veteran-owned small business (SDVOSB) helping federal government clients increase the security and performance
Cyber Applications Engineer, Information Assurance
Location
United States
Posted
107 days ago
Salary
0
Seniority
Mid Level
Job Description
Cyber Applications Engineer, Information Assurance
PingWind
• Reports to the SEAP Cyber team manager • Support the SEAP Program (SUSTAINMENT TO EXISTING APPLICATIONS PORTFOLIO). • Perform web application scanning & application security assessments. • Perform manual application testing to identify vulnerabilities or deviations from software standards. • Provide timely and detailed reports, with proofs of findings and analysis of risk. • Assist with integration of static & dynamic web application assessments into secure SLDC lifecycles • Use SharePoint and other collaboration tools to collect, monitor, and manipulate C&A documentation through the collection, review, approval, and final distribution processes. • Supports the SEAP Program and related teams in areas of Risk Management Framework (RMF) for DoD IT, DoD/Army Regulations, Incident Response, Software Assurance, and related Cyber disciplines. • Work closely with representatives from other divisions and branches (IT, Networking, etc.) to request information, provide clarification, and validate findings, evidence, and POA&M statements. • Maintain and meet deliverable schedules. Must be proactive in obtaining information from multiple internal and external teams to complete requirements on schedule. • Additional details of positions will be provided to qualified applicants.
Job Requirements
- Minimum 2 years’ relevant experience.
- Bachelor’s degree in Information Technology, Computer Science, or related field. Substantial experience in lieu of degree may be considered.
- Current DoD 8570.01-M Information Assurance Technical IAT Level II (IAT II) baseline certification, such as Security+ CE. Uncertified candidates cannot be considered.
- U.S. citizen with active DoD SECRET level security clearance. Uncleared candidates cannot be considered.
- Development background is required.
- Microsoft .NET or Java development experience required. Microsoft .NET is preferred.
- Knowledge of SDLC methodologies.
- Intermediate to advanced knowledge of secure code development practices and OWASP Top 10 web application security issues.
- Web services development and design with integrated security engineering experience.
- Requires excellent English verbal and writing skills including report generation, presentations, and technical writing.
- Highly organized with the ability to independently maintain schedules and meet deadlines.
- Experience with supporting assessment of IT systems compliance with Federal IT Security standards. (NIST 800-53, FISMA, etc.)
- 3-7 years of web application development related work experience.
- Experience performing manual and automated code review and penetration tests for complex applications.
- Experience with static code scanning tools (Fortify, AppScan, etc.)
- Experience with dynamic analysis tools (Burp, Zaprozy, SQLMap, BeEF, DAVtest, dirb, fierce, curl, hping, etc.)
- Technical understanding of database, web server, and operating system security as well as application security in leading cloud platforms.
- Knowledge of security systems and controls, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Understanding of data handling privacy standards to include PII and PHI.
- Familiarity with DISA application security related Security Technical Implementation Guides (STIGs) and RMF implementation.
- Veterans with prior Army/DoD Cybersecurity experience highly desired.
Benefits
- Eleven Federal Holidays
- Paid Time Off accrued each pay period
- Parental Leave
- Three medical plan choices with generous employer contribution
- Dental and Vision Insurance
- Company paid Short-Term and Long-Term Disability
- Company paid Life and AD&D Insurance
- 401k with competitive matching and vesting schedule
- Continuing education assistance
- Short Term / Long Term Disability & Life Insurance
- Medical, Dependent Care and Commuter Flexible Spending Accounts
- Employee Assistance Program
- Wellness benefits include Calm Health app and WellHub gym subsidy (formerly GymPass)
- 529 College Savings Plan
- Legal Insurance
- Pet Insurance
Related Guides
Related Categories
Related Job Pages
More Engineer Jobs
AppSec Engineer II
LivePersonLivePerson is an online engagement solutions company, which means that it works with clients to provide their customers with real, live assistance and advice. The company was found
• Manage and enhance application security tools (Static Code Analysis, Open Source vulnerabilities tools, Dynamic Application Security tools, etc), integrations, and develop in-house application security automation tools • Validate discovered vulnerabilities using code review skills and manual/semi-automatic tooling like Burp. • Validate external penetration test results and work with internal and external stakeholders. • Perform some security penetration tests (both application and infrastructure for Web and mobile applications) • Work with the engineering and security teams to provide actionable reporting, find and explain security issues, suggest mitigations, and determine when issues are mitigated. • Stay up to date on the latest testing tools and techniques ensuring both your and the team is using the most effective and efficient methods. • Produce both high level and detailed reports and metrics to support data-based decisions. • Assist in creating and updating Application Security procedures, policy, standards and guidelines • Train, coach and mentor other members of the team, development and the broader LivePerson Security and Engineering teams.
Senior Mechatronics Engineer
Sioux Technologies AsiaSioux aims to add value to its clients and build high-tech solutions that can contribute to society and make it smarter.
• Translate performance requirements into subsystem concepts and engineering requirements • Lead design, development, and commissioning of mechatronic systems • Make key design decisions on motion system design, sensing, actuation, control strategy, and system integration • Lead design trade-offs between performance, cost, manufacturability, and reliability • Review designs and plans • Support industrialization, validation, and release of systems • Collaborate with system architects, project managers, and lead engineers • Be on-call for commissioning and troubleshooting primarily in The Netherlands • Travel to end customers in SEA for commissioning and troubleshooting.
Storage Performance Engineer
VultrVultr is on a mission to make high-performance cloud computing easy to use, affordable, and locally accessible.
• Primary responsibility is to improve the performance of Vultr’s high performance, cloud-based storage offerings from a customer-focused perspective • Perform benchmarking and analysis of storage performance in various combinations of our storage products and GPU and Compute products. • Analyze and recommend performance tuning to improve storage performance across these benchmarks. • Continually enhance the Ceph-based Cloud Storage System in terms of stability, scalability, functionality, performance and cost • Actively participate in the design and architecture decisions for Ceph-based Cloud Storage • Develop automation framework and improvements for our Ceph-based Cloud Storage infrastructure • Optimize existing metrics collection and alerting systems • Contribute to our internal documentation and knowledge base
• Translate performance requirements into subsystem concepts and engineering requirements • Lead design, development, and commissioning of mechatronic systems • Make key design decisions on motion system design, sensing, actuation, control strategy, and system integration • Lead design trade-offs between performance, cost, manufacturability, and reliability • Review designs and plans • Support industrialization, validation, and release of systems • Collaborate with system architects, project managers, and lead engineers • Be on-call for commissioning and troubleshooting primarily in The Netherlands • Travel to end customers in SEA for commissioning and troubleshooting. Being a key contact person for our customers’ end customers in case of needed support.
