Dovel Technologies

  • Security Analyst

    Job Locations US-MD-Rockville
    ID
    2018-2739
    # of Openings
    1
    Category
    Information Technology
    Type
    Regular Full-Time
  • Overview

    Dovel Technologies, LLC provides leading edge software and application development services specializing in mission driven solutions that address complex business processes and technology challenges. We practice CMMI ML3 processes and delivery solutions and are an innovative mission oriented technology company focused on complex business and technical challenges, ensuring solutions support the achievement of your mission. Our team creates software solutions that help customers communicate, access, and store mission critical information. Dovel is instrumental in the design and implementation of some of the most mission critical and innovative systems in government today.

    Responsibilities

    • Planning, executing and overseeing remediation activities for valid vulnerabilities that are identified using Application Scanning tools.
    • Work with developers to create a culture of security conscious software developers
    • Communicate to Operations are other functional area on web application vulnerabilities.
    • Create and manage a business process to ensure all vulnerabilities are remediated within the required 30 (Critical/High), 60 (Moderate), and 90 (Low) days to remediate identified weaknesses

    Qualifications

    • BS degree and 7-8 years application security experience or an equivalent combination of education and training that provides the required knowledge, skills and abilities
    • 3-5 years of hands-on technical experience with testing of web applications in Java or .NET
    • Experience with DAST tools such as HP WebInspect, Zap, Burp.
    • Significant experience with application scanning to be able to begin scans immediately.
    • Ideal candidate is technically skilled with Linux and AWS environments and willing to quickly learn new tools
    • Draw upon professional concepts to collaborate with others to carry out assigned duties
    • Challenge the validity of given procedures and processes with the intent to enhance and improve
    • Candidate must be clearable and able to obtain and maintain a Public Trust Clearance.

    Desired Skills:

    • Experience in managing security in AWS environment
    • Experience with SAST tools to extent that guidance can be provided to the development team on implementation and use.
    • Familiarity with infrastructure scanning tools such as Nessus and vulnerability remediation guidance.
    • Ethical hacking certification, GIAC GWAPT, GSSP, or GWEB certified preferred.
    • CISSP certification strongly desired
    • Skill and ability to use of oral and written communication methods and techniques to accomplish continuing coordination with IT program managers, customers, etc. and prepare and present briefings to senior IT staff on complex IT security issues.
    • Broad knowledge of IT concepts, principles, and practices
    • Handle multiple tasks, and ability to be flexible, creative, showing initiative and being persistent as a team player.
    • Knowledge of NIST information security policies, vulnerabilities of computer and data communications systems, and the basic tools and practices for protecting information systems.
    • Ability to perform incident handling; monitoring, identifying, remediation, and reporting.
    • Assist in the execution of the annual SSAE 18 audit, Federal CFO audit , Federal A123 audit as well as on-demand company requested audits

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed