CYBER SWA Team Lead

Job Location: US-VA-Pentagon
Posted Date: 3 weeks ago (2/1/2018 3:45 PM)
Requisition ID: 2018-40287
# of Openings: 1
Category: Cyber Security
Minimum Clearance: TS/SCI
% Travel: None
Relocation Eligible: No

About Engility

Engility delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services for the U.S. government, we support the Department of Defense, intelligence community, space communities, federal civilian agencies and international customers. Engility is dedicated to making lives better, safer and more secure.

Description

  • Ensure security is addressed holistically and systematically throughout the Software Development Life Cycle (SDLC).
  • Ensure Software Assurance teams provide best-in-class techniques, tools and education to support and increase software security.
  • Develop and maintain software assurance processes and practices to discover and diagnose software throughout the Software Development Life Cycle (SDLC).
  • Ensure their SwA process includes Security Engineering reviews on the system architecture.
  • Participate in mission meetings required to document the customer requirements and produce a Software Assurance Plan (SwAP).

Required Qualifications

  • 10 or more years of IT Security and programming experience or a Computer Science Bachelor's Degree;
  • 5 or more years of IT Security and programming experience in the Army/DOD or a Computer Science Bachelor's Degree;
  • 8570 Compliant for IAT II CND Auditor and possess an approved Computing Environment Certification;
  • Shall possess at the time of award, and retain, GIAC Web Application Penetration Tester (GWAPT) and GIAC Secure Software Programmer (GSSP) certifications;
  • Shall possess at the time of award, and retain, Certified Ethical Hacking (CEH);
  • Shall possess at the time of award, and retain, Top Secret clearance and DIA adjudicated SCI eligible;
  • Demonstrate expert-level knowledge in planning, directing, and managing projects/operations in an organization similar in size to this acquisition;
  • Demonstrate expert-level knowledge and supervision of employees of various labor categories and skills in efforts similar in size and scope as this acquisition;
  • Demonstrate expert-level knowledge of Army, DOD and industry accepted policies, standards, best practices, and regulations related to Security Engineering;
  • Demonstrate strong working knowledge of large, complex IT environments;
  • Demonstrate experience in a DOD IT environment;
  • Demonstrate experience with researching and fielding new and innovative technology;
  • Expert ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients;
  • Demonstrate the capability to deliver presentations to senior leaders and in a conference setting;
  • Demonstrate expert-level ability to utilize the Open Web Application Security Project (OWASP) testing guide as a baseline for conducting assessments;
  • Demonstrate ability to conduct security forums and workshops to discuss Software Security Assurance;
  • Demonstrate expert-level ability to conduct static and dynamic analysis on all applications (i.e. manual inspections & review, threat modeling, code review, and penetration testing);
  • Demonstrate knowledge of the Common Weakness Scoring System (CWSS) to score vulnerabilities discovered in software;
  • Demonstrate expert-level knowledge of the Microsoft .NET programming language. Able to understand and manipulate other programming languages (Python, PHP, Java, classic ASP, C, C#, C++, etc.);
  • Demonstrate ability to assess an application’s architecture and ensure that security is incorporated into the design of the system;
  • Demonstrate ability to generate threat models, mapping the theoretical attack surface for an application and analyzing the impact, likelihood, and prevalence of security flaws;
  • Demonstrate expert-level ability to identify, align, manage and disseminate access to prescriptive and proscriptive guidance such as security principles, guidelines, design patterns, secure coding standards, security weaknesses (Common Weakness Enumeration), and attack patterns (Common Attack Pattern Enumeration and Classification).

 


Engility is proud to be an Affirmative Action/Equal Opportunity Employer. Engility provides equal employment opportunity for all persons, in all facets of employment. Engility maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks. If you are a qualified individual with a disability or a disabled veteran, and need a reasonable accommodation to use or access our online system, please contact us via our home page.