eGlobalTech

  • Application Security Engineer

    Job Location
    US-MD-Baltimore
    Active Security Clearance Required
    Public Trust
    Status
    Current
  • About the Role

    eGlobalTech, a TetraTech Company, is looking for an Application Security Engineer to join an innovative Information Systems Security and Privacy program located in Baltimore, MD. This role will be responsible for maintaining the appropriate operational security posture for this program and require hands-on experience evaluating, designing, documenting, implementing, operating, testing, and monitoring security and privacy controls for various web applications and an automated CI/CD DevSecOps pipeline. eGlobalTech offers Employee Stock Purchase Plans, 401K w/ match after just 90 days, 20 days PTO, Federal Holidays, Unlimited Udemy Training Courses, employer paid teledoc service, and much more.

    Responsibilities

    • Support, implement, maintain, and monitor security and privacy controls in compliance with FISMA, HIPAA, FedRAMP, and NIST RMF requirements and guidance.
    • Work with developers to refine security checkpoints in the SDLC and make sure information security risks are managed throughout all phases.
    • Use automated tools to perform source code security analyses to identify vulnerabilities and attack vectors in web applications.
    • Complete a Security Impact Analysis as part of each sprint within an agile development organization.
    • Provide Federal Information Security Management Act (FISMA) support and subject matter expertise.
    • Independently develop a variety of C&A deliverables including: System Security Plans, E-Authentication Risk Analysis, Privacy Impact Assessments, Annual Assessments, Contingency Plans, Incident Response Plans, and FIPS 199 Security Categorizations, etc.
    • Develop and maintain Plans of Action and Milestones corrective actions for audit findings.
    • Recommend system architecture solutions based on industry best practices and knowledge of Federal and organizational security guidelines.
    • Performs periodic internal audits, vulnerability assessments, and Web Application testing.

    Required Qualifications

    • Experience working as part of an agile scrum team, assisting with security-related tasks and deliverables associated with bi-weekly sprints.
    • Hands-on experience with implementing, documenting, maintaining, and monitoring Acceptable Risk Safeguards control requirements.
    • Experience in implementing and enforcing policies, procedures and guidelines in a complex environment.
    • Experience assisting with the implementation of an automated CI/CD DevSecOps pipeline.
    • Experience using vulnerability scanner such as Nessus, OpenVAS, Retina or Nexpose.
    • Experience running static analysis /static application security testing tools such as SonarQube, Fortify or Veracode.
    • Experience running dynamic application security testing tools such as WebInspect, AppSpider, Acunetix, AppScan, Qualys, Burp Suite Pro or OWASP ZAP.
    • Experience running component analysis tools such as Sonatype Nexus IQ, Synopsys Black Duck, OWASP Dependency-Check/Track.
    • Experience with GRC tools, such as CSAM, CFACTS, TAF, or Xacta.
    • Understanding of, and ability to communicate, security and risk implications to technical and non-technical audiences.
    • This position requires a badge and or clearance that requires an extensive background/credit check.

    Desired Qualifications

    Business Analyst, BA, business analyst, ba, requirements gathering, Senior BA, Sr. BA, Technical BA, Technical Business Analyst, Program Manager, Project Manager, Wireframes, visuals, Agile, agile, sprint, scrum master, developer, development, Salesforce, SalesForce, business analysis, Business Analysis, requirements, wire frame, stakeholder enagement, CSM, PMP, Certified Scrum Master, Project Management Professional

    About Us

    Founded in 2004, eGlobalTech is a leading management and IT consulting firm in the Washington, D.C. metropolitan area. Our focus is to provide the public sector with innovative solutions, leveraging cutting-edge tools and methodologies to meet the Government’s most pressing business needs. To achieve this objective, our core practice areas – strategy, IT solutions development, cyber security, and cloud computing – are integrated to provide clients with comprehensive end-to-end results. This integration enables our highly motivated teams to thrive in a culture that encourages out-of-the-box thinking, collaboration and an environment where you can excel. For more information, please visit our website at www.eglobaltech.com.

     

    Equal Employment Opportunity:

     

    eGlobalTech is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability. EEO is the Law.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed