Description
SAIC is seeking a Software Assurance Engineer to support a Chief Information Office in a large DoD organization. The environment is cutting edge with new technology and equipment supporting science and technology research and development.
This is a full-time hybrid position. Most days the candidate will work remotely, but must be able to travel to Huntsville, AL (sometimes on short notice) for meetings, etc., when required by the customer.
This position can use an alternate work schedule with every other Friday off.
Job Overview:
Candidates will serve as a Software Assurance Engineer, providing recommendations to other software engineers on the security aspects of code development, specifically on resolving vulnerabilities identified in Fortify scans. The position also offers the opportunity to build DevSecOps processes and tools for use by the various CIO customers in the organization, covering both on-premises and cloud strategies.
Key duties/responsibilities include, but are not limited to:
Review Fortify FPRs to concur/non-concur with developer analysis of SCA findings.
Administer Fortify Scan Central servers, Software Security Center.
Install, configure and troubleshoot Fortify SCA on software developer computers.
Conduct scan review process which may require complex code analysis.
Perform scan review against ASP.NET Webforms and MVC web applications.
Research Fortify SCA findings to determine severity and potential fixes.
Develop and document clear guidelines for handling or remediating common issues.
Coordinate with CIO cybersecurity elements on software assurance issues.
Support software assurance development activities within the organization.
Write simple test cases in JavaScript, CSS, jQuery, and Bootstrap.
Qualifications
Required Education:
Bachelor's and nine (9) years or more experience; Master's and seven (7) years or more experience; PhD or JD and four (4) years or more experience.
Qualifications:
Experience with web-oriented development
Experience with the identification and remediation of common code security issues that occur in web-oriented code.
Experience performing code reviews with an emphasis on code security.
Experience using industry-standard static and dynamic code-security-analysis tooling.
Understands ASP.NET, Web Forms, MVC, and Razor Pages, in both standard .NET Framework and .NET Core technologies.
Knowledge of Multi-tier architecture
Understands JavaScript, CSS, jQuery, and Bootstrap 3 and 4.
Clearance Requirement
Must be able to obtain, maintain and/or currently possess a security clearance. A minimum of an Interim Secret clearance required to start.
Certifications:
Must have a current CompTIA Security+ certification.
Target salary range: $100,001 - $125,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Overview
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.