Quantum Research International · 3 hours ago
SECURE SOFTWARE ASSESSOR
Quantum Research International, Inc. is a certified DoD Contractor providing services in various domains including Cybersecurity and Artificial Intelligence. They are seeking a motivated Secure Software Assessor to analyze the security of software applications and mitigate risks during the Software Development Life Cycle.
Cyber Security
Responsibilities
Apply the automated enterprise NGA Software Assurance Process (SWAP) for submission and adjudication of NGA software requests
Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules
Consult with engineering staff to evaluate interface between hardware and software
Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration
Identify basic common coding flaws at a high level, identify security implications, and apply methodologies within centralized and decentralized environments across the enterprise's computer systems in software development
Identify security issues around steady state operation and management of software and incorporate security measures that must be taken when a product reaches its end of life
Analyze security needs and software requirements to determine feasibility of design within time and cost constraints and security mandates
Conduct trial runs of programs and software applications to ensure that the desired information is produced, and instructions and security levels are correct
Qualification
Required
TS/SCI eligible, subject to CI Polygraph
IAM or IAT Level 2- certifications or better
Bachelor's degree. In lieu of degree, Sec+, CSSLP, or GSEC may be accepted
Experience with Computer Network Defense (CND) Intelligence Analysis, Assessments, and/or Open-Source Research
Knowledge of Government standards for data security such as markings, handling of classified and unclassified information, and how to handle the distribution of this information
Knowledge of computer networking concepts and protocols, and network security methodologies, as well as risk management processes (e.g., methods for assessing and mitigating risk)
Understands basic system and application security threats and vulnerabilities
Familiar with the software development lifecycle
Preferred
Familiar with secure software deployment methodologies (Agile, Waterfall, DevOps, etc.), tools, and practices
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means