Cyber Applications & Information Assurance Engineer
Share
Job Location:
Fort Knox, KY - USA
Monthly Salary:
Not Disclosed
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Location: Ft. Knox KY
Required Clearance: SECRET
Required Certification(s): DoD 8570.01-M IAT II
Required Education: Bachelors degree in Information Technology Computer Science or related field. Substantial experience in lieu of degree may be considered.
Required Experience: 2 years of related experience
Position Description:
PingWind is seeking a Cybersecurity Application Security Analyst to support the U.S. Army at Fort Knox Kentucky. Paid relocation to Fort Knox is not available; candidates must be local or willing to relocate at their own expense.
Primary Responsibilities:
Reports to the SEAP Cyber team manager
Support the SEAP Program (SUSTAINMENT TO EXISTING APPLICATIONS PORTFOLIO).
Perform web application scanning & application security assessments.
Perform manual application testing to identify vulnerabilities or deviations from software standards.
Provide timely and detailed reports with proofs of findings and analysis of risk.
Assist with integration of static & dynamic web application assessments into secure SLDC lifecycles
Use SharePoint and other collaboration tools to collect monitor and manipulate C&A documentation through the collection review approval and final distribution processes.
Supports the SEAP Program and related teams in areas of Risk Management Framework (RMF) for DoD IT DoD/Army Regulations Incident Response Software Assurance and related Cyber disciplines.
Work closely with representatives from other divisions and branches (IT Networking etc.) to request information provide clarification and validate findings evidence and POA&M statements.
Maintain and meet deliverable schedules. Must be proactive in obtaining information from multiple internal and external teams to complete requirements on schedule.
Additional details of positions will be provided to qualified applicants.
Required Skills:
Development background is required.
or Java development experience required. is preferred.
Knowledge of SDLC methodologies.
Intermediate to advanced knowledge of secure code development practices and OWASP Top 10 web application security issues.
Web services development and design with integrated security engineering experience.
Requires excellent English verbal and writing skills including report generation presentations and technical writing.
Highly organized with the ability to independently maintain schedules and meet deadlines.
Desired Skills:
Experience with supporting assessment of IT systems compliance with Federal IT Security standards. (NIST 800-53 FISMA etc.)
3-7 years of web application development related work experience.
Experience performing manual and automated code review and penetration tests for complex applications.
Experience with static code scanning tools (Fortify AppScan etc.)
Experience with dynamic analysis tools (Burp Zaprozy SQLMap BeEF DAVtest dirb fierce curl hping etc.)
Technical understanding of database web server and operating system security as well as application security in leading cloud platforms.
Knowledge of security systems and controls including firewalls intrusion detection systems anti-virus software authentication systems log management content filtering etc.
Understanding of data handling privacy standards to include PII and PHI.
Familiarity with DISA application security related Security Technical Implementation Guides (STIGs) and RMF implementation.
Veterans with prior Army/DoD Cybersecurity experience highly desired.
Required Qualifications:
Minimum 2 years relevant experience.
Bachelors degree in Information Technology Computer Science or related field. Substantial experience in lieu of degree may be considered.
U.S. citizen with active DoD SECRET level security clearance. Uncleared candidates cannot be considered.
Desired Qualifications:
Certified Application Security Engineer (CASE) Certified Secure Software Lifecycle Professional (CSSLP) or similar certification.
Higher level DoD 8570 IAT-III/IAM certifications (i.e. CISSP CASP etc.)
About Pingwind
PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity development IT infrastructure supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB) and SBA HUBZone Certified with offices in Washington DC and Northern Virginia.
Our benefits include:
Eleven Federal Holidays
Paid Time Off accrued each pay period
Parental Leave
Three medical plan choices with generous employer contribution
Dental and Vision Insurance
Company paid Short-Term and Long-Term Disability
Company paid Life and AD&D Insurance
401k with competitive matching and vesting schedule
Continuing education assistance
Short Term / Long Term Disability & Life Insurance
Medical Dependent Care and Commuter Flexible Spending Accounts
Employee Assistance Program
Wellness benefits include Calm Health app and WellHub gym subsidy (formerly GymPass)
529 College Savings Plan
Legal Insurance
Pet Insurance
Veterans are encouraged to apply
PingWind Inc. does not discriminate in employment opportunities terms and conditions of employment or practices on the basis of race age gender religious or political beliefs national origin or heritage disability sexual orientation or any characteristic protected by law.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.
Required Experience:
IC
Key Skills
- Actuarial
- Asset
- E Learning
- AutoCAD Drafting
- Java
- Jboss
