Work Location: OCTO – 200 I Street, SE Washington DC 20003
Submit Before: 4/20/2018
Contract through: 09/30/2018 plus extension
Candidate Pay Rate: $75.00/hr 1099 or comparable
As a member of the security team, the Application Security Assessment Engineer is responsible for IT system and application vulnerability assessment using security assessment tools. This position is also responsible for continuous monitoring, routine scanning, and on-demand scanning as part of the application or system deployment process.
The consultant should have demonstrated experience in assessing and recommending required security controls for enterprise applications. The consultant should be well-versed in conducting vulnerability and security assessments and penetration tests.
Specific knowledge, skills, and abilities required by the incumbent to successfully fulfill the Major Duties and perform the Tasks required for this position include:
CONTRACT LABOR CATEGORY DESCRIPTION
Minimum Education/Certification Requirements:
Bachelor’s degree in Information Technology or related field or equivalent experience
| Skill | Required / Desired | Amount | of Experience |
|---|---|---|---|
| 11-15 years of technical experience in IT System Management | Required | 11 | Years |
| 5-8 years demonstrated operational implementation and use of Rapid7, Nessus, or similar network scanning tools | Required | 5 | Years |
| 5-8 years demonstrated operational implementation and use of Fortify and ParaSoft static code analysis tools | Required | 5 | Years |
| 5 years of experience in an enterprise vulnerability management program | Required | 5 | Years |
| Scripting knowledge required (e.g. Python, shell scripting, JavaScript) | Required | 5 | Years |
| Demonstrated understanding of software development lifecycle and secure coding techniques | Required | 3 | Years |
| 8+ years of Information Security experience | Required | 8 | Years |
| B.A. or B.S. degree in Computer Science, Information Systems or 6 years of equivalent experience in a related field | Highly desired | | |
| Industry-specific (Security+, CEH, CISSP) or tool-specific certification (Rapid7, Nessus, Fortify, WSUS, BF, SCCM, Heat, Satellite) desired | Highly desired | 11 | Years |
| 11-15 yrs developing, maintaining, and recommending enhancements to IS policies/requirements | Not Required | 11 | Years |
| 11-15 yrs performing vulnerability/risk analyses of computer systems/apps | Not Required | 11 | Years |
| 11-15 yrs identifying, reporting, and resolving security violations | Not Required | 11 | Years |