Software Security AnalystTrellisWare Technologies • San Diego, California, United States
Cette offre d'emploi n'est plus disponible
Software Security Analyst
TrellisWare Technologies
- San Diego, California, United States
- San Diego, California, United States
À propos
Our Radio Products Team is seeking a hybrid
Software Security Analyst . You would be a member of the Cyber Security Team working on next generation self‑networking hand‑held software defined radios and associated companion products for domestic and foreign defense forces. Specifically, you are responsible for evaluating to ensure that TrellisWare software radio products are designed and implemented with security as a core requirement using defensive radio product security measures. The Software Security Analyst is expected to perform vulnerability assessment and penetration testing, threat modeling, incident response, ensure regulator compliance and policy enforcement while building trust with the end customer.
Responsibilities
Conduct software product security assessments and vulnerability testing.
Regular scanning and penetration testing.
Threat analysis.
Static and dynamic analysis and security testing.
Maintain currency of evolving security threats, technologies, and regulatory changes.
Analyze and review functional system design specifications, and ensure security policy compliance.
Participate in software system architectural and component design reviews.
Reverse engineer software components for hidden bugs or malicious code.
Evaluate and ensure secure COMSEC key and certificate distribution, authentication, and assignment.
Investigate security related incidents.
Determine root cause and verify mitigation updates.
Document and present product security compliance using standard professional practices and corporate defined engineering processes.
FIPS 140 compliance.
NIST STIG compliance.
Develop relationships with team members built on trust and respect.
Education and Work Experience Requirements
Bachelor’s degree in Computer Science, Cybersecurity, or Information Technology or related field of study required.
Minimum of 5 years’ industry experience with at least three years in software development and at least two years in auditing and vulnerability testing.
Proficiency with Python, C/C++ and an understanding of operating systems, and network protocols.
Experience performing penetration testing (ethical hacking) and security scans.
At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC.
Knowledge, Skills, and Abilities
Experience with the full software development life cycle, including system design, threat modeling, and secure code implementation.
Familiarity with encryption devices and secure key management required.
Familiarity with embedded software defined tactical radio security required.
Experience with threat modeling, secure coding practices, and identification of software vulnerabilities.
Experience with cybersecurity scanning tools; Nessus, Qualys VMDR, Trivy, or Rapid7.
Experience with NIST, ISO 27001, CIS Controls or OWASP.
C++, Python, or Java.
Distributed revision control systems (GitHub).
You can think on your feet – you are analytical, pay attention to detail and are able to communicate your thought process both written and verbally.
You are able, and enjoy working independently as well as in a team environment.
Strong collaborative drive and interpersonal skills.
Strong initiative, proactive work ethic and prioritization skills.
Trustable judgement and analytical problem‑solving skills.
Effective execution and decision making.
Champion of change and promotes innovation.
Strong written and verbal communication skills.
Physical Demands
Able to frequently sit, stand, walk, use hands to fingers, handle or feel, reach within hands and arm’s length, stoop, kneel, and crouch, talk and hear.
Regularly required to sit for extended periods of time; frequently required to use office equipment such as PC, printer, telephone, etc.
Able to regularly lift and/or move up to 10 pounds, frequently lift and/or move up to 25 pounds, and occasionally lift and/or move up to 50 pounds.
Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
Additional Requirements Many of TrellisWare's positions require a security clearance or the ability to obtain one. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.
Salary $115,000 - $185,000 USD
EEO Statement *TrellisWare Technologies, Inc. is an EEO/AA/Disability/Vets Employer.*
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre a été publiée par l’un de nos partenaires. Vous pouvez consulter l’offre originale ici.