Software Security Engineer - ICE SEVIS
Description:
Overview:
The software security engineer plays a critical role in a DevSecOps team modernizing and improving critical software by ensuring that security practices are baked into the teams' policies, processes and pipelines.
Responsibilities:
The overall responsibility of the Software Security Engineer is to implement, test, and operate advanced software security techniques in compliance with technical reference architecture. Perform on-going security testing and code review to improve software security. Troubleshoot and debug issues that arise. Provide engineering designs for new software solutions to help mitigate security vulnerabilities. Contribute to all levels of the architecture. Maintain technical documentation. Consult team members on secure coding practices. Develop and maintain familiarity with new tools and best practices. Engineer and implement DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC).
Qualifications:
Bachelor’s degree in science, technology, engineering, and math (STEM) field and 9 years IT security (Cybersecurity) experience; or 7 years with a Masters; or 4 years with a PhD.
5 years technical leadership experience.
Certified Information Systems Security Professional (CISSP), or Certified Secure Software Lifecycle Professional (CSSLP) Certification, or Certified Application Security Engineer (CASE) Certification.
AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional.
Experience with DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation.
Familiarity with Systems Engineering processes and milestones; understanding of the requirements analysis, decomposition, and allocation process.
Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series.
About Highlight:
For over ten years, Highlight has provided Development and Modernization, Secure IT, and Mission Solution services to our federal government customers. Our team knows the technology; we understand how our customers and their stakeholders work; and we know how to implement industry best practices to deliver high-quality, end-to-end solutions that minimize risk and maximize results.
Since our inception, Highlight has had an employee-first mindset. Our mission is to provide employees with rewarding and impactful career opportunities. In 2021, Highlight’s founder, Rebecca Andino, implemented an Employee Stock Ownership Plan to embody and expand our culture of transparency, teamwork and rewarding the work of our employees. By becoming an ESOP, our employee-owners share in the success of the company through their ownership stake. To learn more about ESOPS, check out: .
We’re an Equal Opportunity Employer (EOE) that empowers our people to fearlessly drive change - regardless of their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other characteristics. Our team is dedicated to foster diversity within our teams to promote creativity, innovation, and teamwork to deliver the best solutions for our customers.
To receive compensation and benefits information for this role, contact us or email us at Please include the Req ID (this is at the top of the posting under the position title) in the subject line of the email.
#cwhp
Permanent