Dovel Technologies

  • Security Analyst

    Job Locations US-MD-Rockville
    ID
    2018-2736
    # of Openings
    1
    Category
    Information Technology
    Type
    Regular Full-Time
  • Overview

    Dovel Technologies, LLC provides leading edge software and application development services specializing in mission driven solutions that address complex business processes and technology challenges. We practice CMMI ML3 processes and delivery solutions and are an innovative mission oriented technology company focused on complex business and technical challenges, ensuring solutions support the achievement of your mission. Our team creates software solutions that help customers communicate, access, and store mission critical information. Dovel is instrumental in the design and implementation of some of the most mission critical and innovative systems in government today.

    Responsibilities

    • Act as the primary security focal point for customers, auditors, account management
    • Ability to lead security activities
    • Understanding of Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST) Guidelines best practices and application of these standards to Federal systems
    • Lead Cyber Security, Information Assurance (IA), and Information Technology (IT) integration projects
    • Search for security issues and make solutions and proposals regarding improvement
    • Security incident and security risk documentation, coordination or process execution
    • Manage root cause analysis for security incidents and audit findings

    Qualifications

    • Bachelor’s Degree in a related field and 7 years of security experience.
    • 3 years of hands-on experience with penetration and testing of web applications in Java or .NET.
    • Experience with Application Scanning.
    • Solid understanding of IT Security processes.
    • Technically skilled with Linux and AWS environments and willing to quickly learn new tools.
    • Experience in managing security in AWS environment.
    • Draw upon professional concepts to collaborate with others to carry out assigned duties.
    • Challenge the validity of given procedures and processes with the intent to enhance and improve.
    • Play an active role in managing the various disaster recovery exercise projects annually.
    • Handle multiple tasks, and ability to be flexible, creative, showing initiative and being persistent as a team player.
    • Candidates must be able to obtain and maintain a Public Trust Clearance.

     

    Desired Skills:

    • Cybersecurity forensics analysis
    • Experience performing architecture reviews and threat modeling.
    • Experience with SAST tools to extent that guidance can be provided to the development team on implementation and use.
    • Experience with DAST tools such as HP WebInspect, Zap, Burp.
    • Familiarity with infrastructure scanning tools such as Nessus and vulnerability remediation guidance.
    • Ethical hacking certification, GIAC GWAPT, GSSP, or GWEB certified preferred.
    • Excellent oral and written communication methods and techniques to accomplish continuing coordination with IT program managers, customers, etc. and prepare and present briefings to senior IT staff on complex IT security issues.
    • Knowledge of IT concepts, principles, and practices.
    • Knowledge of NIST information security policies, vulnerabilities of computer and data communications systems, and the basic tools and practices for protecting information systems.
    • Ability to perform incident handling; monitoring, identifying, remediation, and reporting.
    • Assist in the execution of the annual SSAE 18 audit, Federal CFO audit, Federal A123 audit as well as on-demand company requested audits.

       

    Dovel Technologies is an Equal Opportunity Employer Minorities/Females/Veterans/Disabled

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed