HII – Mission Driven Innovative Solutions Inc. (HII-MDIS) provides mission-critical engineering and technical service to Information Technology, Federal Civilian, and National Security, Aerospace & Defense and International government and commercial customers at over 100 locations worldwide.
HII – MDIS is currently seeking a Security Analyst for the U.S. Air Force Software Testing Lab to work out of the Air Force Agency for Modeling and Simulation (AFAMS) building in Orlando, FL.
Duties and Responsibilities (to include but not be limited to the following):
Using existing authorization documents, create an inventory of all software that requires Assessment or Authorization from an AO. The format and fields of the inventory will be specified by the SCA. The inventory should be updated monthly and is a deliverable.
Develop and publish an Approved Products list on a government provided SharePoint Site. This list will contain all software that has been approved by an AO.
Develop and publish the procedures and methodologies for assessing software. SCA concurrence with the document’s contents is required before publishing. This document will be a deliverable and it should be updated quarterly.
Perform Static Code Analysis on source code and prepare a standardized report to an AO and Program Office detailing any vulnerabilities found.
The team should integrate itself into the software development lifecycle of programs and provide the following services:
Consult programs on secure coding practices and advocate for security to be included in the software development life cycle.
At the request of a Program Management Office, perform static code analysis to assist in the System Engineering Technical Review Process.
Qualifications and Experience:
Bachelors/Master’s Degree in Computer Science
5 years’ experience in the fields of Software Development, Computer Programing or Malware Analysis
IAT Level II Certification: (Secuirty+CE, GSEC, SCNP or SSCP)
Experience with static code analysis tools like Fortify and Veracode
Experience with network monitoring tools like Wireshark and TCPDUMP
Experience analyzing vulnerabilities
Professional certifications such as CISSP and CSSLP
Secret clearance required.
The selected applicant will be subject to a security investigation and must meet eligibility requirements for access to classified information.
All candidates will be subject to a pre-employment background investigation and drug screening per HII requirements