Application Security Engineer
Princeton, New Jersey, United States
SciTec
The world brings problems; SciTec builds solutions. Our team is committed to delivering cutting-edge advancements for defense, security, and civil affairs.SciTec, Inc. is a dynamic small business with the mission to deliver Advanced Sensor Data Exploitation technologies and Science Instrumentation Capabilities in support of National Security and Defense. SciTec has immediate opportunities for talented Application Security Engineers to support programs focusing on low-latency data ingest, processing, fusion, and tracking for exploitation of remote sensing systems in Princeton, NJ. Our ideal candidate will have experience working in application Cyber Security across multiple software languages and work well as part of a rapid pace, collaborative, small-team environment consisting of Scientists, Engineers, and Developers to prototype, develop, integrate, and test advanced front-end and back-end software solutions for integrating advanced exploitation algorithms into government frameworks. Members of the team are expected to work together at the office in Princeton, NJ.
Responsibilities
- Perform security assessments of data processing applications developed in C++, Java, and Python. Identify vulnerabilities and risks and make recommendations to application development teams for remediation actions.
- Assess applications for vulnerabilities using manual and automated methods, including but not limited to static analysis tools, dynamic analysis tools, and fuzzers
- Review application architectures and apply threat modeling to identify high-risk software components. Identify risk-reducing design changes
- Support development teams in conducting security-focused software code reviews
- Perform security assessments, informed by publicly available vulnerability databases, of existing software dependencies and make recommendations for suitable alternatives, whether Open Source Software (OSS), Government Off the Shelf Software (GOTS), Commercial Off the Shelf Software (COTS)
- Identify, document, assess, and communicate application vulnerabilities to internal development teams and to application stakeholders
- Evaluate and recommend security testing tools for use in SciTec development processes
- Develop, curate, and improve application security detections (static and dynamic) to identify vulnerabilities at scale
- Develop, enhance, and interpret security tools and standards. Provide support to improving secure development practices and processes at SciTec
Requirements
- Two (2) or more years of relevant work experience
- The ability to obtain and maintain a DoD Security Clearance
- Familiarity with at least C++, Java, or Python
Candidates who have any of the following skills will be preferred:
- 5+ years of relevant application security experience
- Bachelor’s degree in computer science, physical sciences, mathematics, or engineering
- Understanding of OWASP Top 10 and CWE 25 with experience in implementing remediation strategies
- Experience using SAST, DAST, and Open-Source Vulnerability Scanning tools
- Familiarity with C++, Java, and Python and experience in additional programming languages
- Well versed in application risk assessment and risk categorization
- Ability to effectively present and communicate security threats and risks to ANY audience and impress upon them the mitigation techniques and strategies
- Solid problem solving and analytical skills, able to quickly digest any issue/problem encountered and recommend an appropriate solution
- A current active DoD Security clearance
Benefits
As a small business, SciTec, Inc. offers room for growth and a flexible, fast-paced work environment. We work daily to develop one-of-a-kind solutions for challenging national problems. SciTec encourages collaboration across our offices in Boulder, El Segundo, Dayton, Huntsville, Virginia, and our headquarters in Princeton, and provides access to opportunities across the corporate spectrum. Initiative is expected and encouraged, all employees have the opportunity and flexibility to broaden their technical horizons, and our daily work makes an impact on the world around us. SciTec offers a highly competitive salary and benefits package, including a variety of benefits including health insurance, parental leave, vision, life, and disability insurance, 401(k)plan with employer contribution, holidays and paid time off plans (including vacation and sick time), an annual profit-sharing plan, and an annual performance bonus plan. The salary range for this position is $87,000 to $172,000; however, SciTec considers several factors when extending an offer of employment, including but not limited to, the role and associated responsibilities, candidate's work experience, education and training, and key skills. This is not a guarantee of compensation. SciTec is committed to hiring and retaining a diverse workforce and is proud to be an Equal Opportunity/Affirmative Action employer.
Tags: Application security C Clearance Computer Science DAST DoD Java Mathematics Open Source OWASP Python Risk assessment SAST Security assessment Security Clearance Vulnerabilities
Perks/benefits: Competitive pay Flex hours Flex vacation Health care Insurance Parental leave Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs