- 26-Apr-2022 to Until Filled (HST)
- Cayuse Native Hawaiian Veterans
- Arlington, VA, USA
- Full Time
Cayuse Native Hawaiian Veterans (CNHV) provides innovative and flexible solutions to federal government clients, emphasizing excellence in the Asia-Pacific region. CNHV's capabilities, market-relevant service offerings, past performance credentials, and diverse status allow government clients to engage quickly and confidently with CNHV. Core service areas for CNHV include Health & Medical Services, Unexploded Ordnance (UXO), Surface & Underwater Range Clearance, Explosive Ordnance Disposal (EOD), Executive Briefing Teams, Training, Exercise Support, Computer Facilities, and Emergency Management Services.
This position will be responsible for performing "paper" assessments of cloud applications before and after their move into production. These assessments will be responsible for review of design specifics, applying established cyber standards and best-practices.
The position will also be responsible for using an automated cyber assessment tool (HP Fortify or similar) to identify any cyber issues with developed systems. Whether the assessment is manual or automated, the position will then be responsible for: identification of cyber gaps and vulnerabilities; and working with development teams under a Dev/Sec/Ops approach to prioritize gaps/vulnerabilities, identify mitigation approaches, and track mitigation implementation.
- Knowledge of/applied experience with best cyber practices in a cloud environment; as assessor or developer
- Maintain a Cyber Hygiene Score Card
- Knowledge of/applied experience with cloud architecture (Azure, AWS, and/or Google)
- Knowledge of/applied experience with automated cyber assessment tools (ex. HP Fortify)Experience
- Prioritizing/tracking mitigation of identified cyber weaknesses in a cloud environment
- Facilitate and manage security vulnerability assessments
- Document security vulnerabilities and present them to technical stakeholders
- Participate in security architecture, design, and control implementation documentation
- Consult as security subject matter expert with product teams, engineers, and others on solutions to security problems
- 3+ years of experience
- TS Clearance
- Awareness of security-related best programming practices/principles for J2EE and .NET
- Experience with application vulnerability assessment/ penetration testing is desired.
- Code review and application development skills are a definite plus
- Experience designing and executing web application security evaluations, as part of a team
- Application security testing techniques, using automated tools and manual testing
- Creation of exploit proofs of concept
- Discovery of application security weaknesses, and writing recommendations for remediation and prevention
- Knowledge of the SDLC and experience working with development teams
- Understanding of web application technologies and development processes
- Up-to-date knowledge of current cyber threats
- Normal physical conditions
- General office environment
- Must be able to sit for long periods of time looking at computer screen
- May be asked to work a flexible schedule which may include holidays
- May be asked to travel for business or professional development purposes
- May be asked to work hours outside of normal business hours
As an equal opportunity employer, Cayuse Native Hawaiian Veterans is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants that require accommodation in the job application process may contact our Operations Department at (541) 278-8200 for assistance.