Software Engineer

Job Category: Engineering

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: None

What You’ll Get to Do:

You will perform security vulnerability assessments that are an integral part of our independent verification and validation process. You will perform vulnerability scanning, static source code analysis, reverse engineering, penetration testing, traffic analysis, documentation, reporting and analysis requirements.

More About the Role:

• Perform comprehensive security assessments of identified and applied security controls. Provide summaries of initial assessments in Security Assessment Reports (SAR) that address the technical evaluation and results of assessment, identify weaknesses or deficiencies, and recommend corrective actions for risk mitigation.
• Perform and assess the degree to which a system is compliant with operating system, network, and application security STIG reviews.
• Perform host and network based security control assessments, determine residual security risks, Prepare assessment test reports, prepare and assess test plans, and provide formal recommendations in support of authorization.
• Review and analyze the findings that identify security issues on the system. You shall compile results and finding into a final Security Assessment Report, along with assessments and recommendations for remediation.
• Conduct testing and scanning via modern techniques and scanning tools, including manually (software and hardware) used either remotely or locally on the systems to evaluate compliance and to identify security vulnerabilities, threats, risks, and gaps. You will review and analyze the findings that identify security issues on the system.
• Scanning source code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities.
• Install, configure, and maintain laboratory environments and equipment used in these security vulnerability assessments. Implement, administer, and troubleshoot lab network infrastructure devices, such as switches, routers, and user workstations, including virtual machines.

You’ll Bring These Qualifications

• University Degree BS in CS/CE/EE/Cyber Security or equivalent experience
• Knowledge and experience in security disciplines including, but not limited to, software security, operations security, administrative security, and communications security.
• Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
• Ability to develop best practices for processes and standards that will better the system.
• Knowledge of security system design tools, methods, and techniques.
• Knowledge of known vulnerabilities from alerts, advisories, and bulletins
• Knowledge and experience in modern programming languages, C, C++, C#, Python, etc.
• Knowledge and experience in Linux, Microsoft Windows, and Microsoft Office applications.
• Knowledge of IP networking and equipment installation, configuration, and maintenance.

These Qualifications Would Be Nice to Have:

• Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
• Experienced in system testing methodologies that include: Penetration testing, Configuration analysis, Security best practices validation
• Experienced in CodeSonar, Black Duck, Whitesource, Burp, Coverity, Nessus, Nexpose
• Experienced in security testing and penetration tools that include: Kali Linux, Metasploit, Nmap, Wireshark, Red / Blue team assessment experience.

Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.