Application and System Security Engineer

Washington, DC, DC, USA

Evolver

Evolver develops IT transformation & cybersecurity solutions - Scalable tech solutions for government agencies and modern enterprises.

View company page

Evolver Federal is seeking an Application and Systems Security Engineer for a multifaceted role that combines the strengths and responsibilities of an Application Security Engineer, a Systems Security Engineer, and an overall Penetration Tester and security vulnerability expert.

As an Application and Systems Security Engineer, this role will work with the GovInfo Program teams and Agency IT and Agency IT Security staff to continuously identify and mitigate security issues, as well as coordinate across teams to provide suitable evidence and documentation for security related activities. In the event of a cyberattack or other form of IT security related vulnerability identification, the Application and Systems Security Engineer will lead efforts to identify issues/breaches and bring the vulnerability to resolution.


Responsibilities

  • Work as a member of the Infrastructure Team or other cross-functional teams as needed to support the GovInfo Program, and as necessary, provide off-hours support to ensure continued security availability and mitigation of high priority / identified vulnerabilities within the system.
  • Manage GovInfo system security, including serving as responsible official for virus/malware incidents and coordination of responses with IT&S to correct any security events or intrusions.
  • Perform internal and external vulnerability tests and threat assessments as directed by PST management, including non-destructive penetration testing, through the use of industry standard tools including but not limited to Kali Linux.
  • Ensure public and internal applications, APIs, and services are designed, developed, implemented, and monitored in accordance with applicable security controls related to NIST 800-53, ISO 27001, and GPO IT Security policies.
  • Design and automate penetration testing across environments to identify and resolve vulnerabilities.
  • Support security related requirements for auditing, logging, and review of regular security-focused reports and logs.

Basic Requirements:

  • 5 years' experience as an Information Systems Security Engineering Professional (CISSP- ISSEP)
  • 2 years of application security experience with Technologies utilized in GovInfo (Documentum, Solr, Spring, Drupal, Apache, Apache, and VMware)
  • 2 years of experience with a security toolset (nikto, Wireshark, Matesploit. Burp Suite, Kali Linux, CIS-CAT)
  • 2 years of experience in Penetration Testing, Vulnerability Prevention, DDOS Mitigation

Preferred Requirements:

  • Working knowledge of network protocols, enterprise network hardware, Load Balancers
  • Experience with test driven development, traditional waterfall and agile software development lifecycle methodologies including Scrum and Kanban
  • Experience and training in maintaining ISO 27001 certification



Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰>

Job stats:  6  1  0

Tags: Agile APIs Application security Audits Burp Suite CISSP DDoS ISO 27001 ISSE Kali Kanban Linux Malware NIST NIST 800-53 Pentesting Scrum SDLC VMware Vulnerabilities

Perks/benefits: Team events

Region: North America
Country: United States

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.