Security Development Engineer

US-VA-Vienna
Job ID
2017-1250
# of Openings
1
Category
Cyber Security
Clearance Level
Top Secret/ SCI eligibility

Company Description

Spry is a certified Small Disadvantaged Business (SDB) headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.

Overview

Spry Methods is searching for a strong Security Development Engineer to support our current customer in the Vienna area working with the engineering and the IA team to ensure that security in incorporated in the product life cycle and beyond.

Job Responsibilities and/or Success Factors

  • Performs or leads security requirements analysis, security requirements definition, system security design, security architecture generation, security trade studies, and security verification and validation with little or no supervision
  • Synthesizes security solutions within the context of the system to meet customer expectations while staying within schedule and cost constraints
  • Researches and analyzes data, such as vendor products, COTS components, GFE/CFE, specifications, and manuals to determine security of design
  • Effectively chooses the appropriate standards, processes, procedures, and tools throughout the system development life cycle to support the generation of the security engineering products
  • Executes or participates in the execution of the development of program required security documentation, including items such as security plans, contingency plans, and security tests plans and procedures in compliance with the IA policy
  • Supports the Assessment and Authorization (A&A) or Certification and Accreditation (C&A) activities and the generation of the documentation for the program
  • Executes the security testing and evaluation to ensure the correct implementation of security requirements
  • Executes security scanning and the analysis of the scan results
  • Assesses and mitigates system security threats and risks throughout the program life cycle
  • To support system development by adding security rigor to the design, assessing the security posture and hardening dynamic operating environments
  • Act as the main security interface with integration and/or development team to solve complex security problems while adhering to prescribed NIST 800 Special Publication series
  • Collaborate with the team to perform security control assessment activities as the project evolves in the systems engineering life cycle in accordance with NIST 800-53
  • Conduct research and perform security analysis on the impacts of system designs, modifications and technological initiatives
  • Review security architecture design to determine level of security compliance
  • Perform automated verification of DISA STIGs and other security benchmarks against web and appliance configurations

Required skills and experience include

  • Top Secret clearance with SCI eligibility
  • Bachelor's of Science degree in Engineering, a related specialized area or field is required (or equivalent experience) plus a minimum of 6 years of relevant experience; or Master's degree plus a minimum of 4 years of relevant experience
  • Strong use and understanding of systems engineering concepts, principles, and theories
  • Strong understanding of cyber security specifications such as Risk Management Framework (RMF), DIACAP, STIGs and other government security specifications and guidelines
  • Strong knowledge of cyber security technology and trends
  • Contributes to the achievement of business objectives
  • Recognizes and incorporates various security designs and lessons learned
  • Strong written and verbal communications skills
  • Effective in communicating issues, impacts, and corrective actions as they affect the cyber design and implementation
  • Strong ability in reporting relevant cyber systems engineering design

Preferred skills

  • Regular contact with senior levels of security work groups
  • Ability to lead security work groups
  • Works under limited direction
  • Contact with project leaders and other professionals within the Engineering department and with project teams
  • Creative thinker, good multi-tasker

EEO Statement

At Spry, we believe talented and dedicated employees are our most valued assets and the foundation of our success. We are committed to crafting a diverse and inclusive workplace that endorses engagement, creativity, quality and innovation.

 

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed