Job Description

Challenging Today. Reinventing Tomorrow. We\'re invested in you and your success. Everything we do is more than just a project. It\'s our challenge as human beings, too. That\'s why we bring a thoughtful and collaborative approach to every one of our partnerships. At Jacobs, we challenge the status quo and redefine how to solve the world\'s greatest challenges, transforming big ideas into intelligent solutions for a more connected, sustainable world. Design your career with a company that inspires and empowers you to deliver your best work so you can evolve, grow and succeed \xe2\x80\x93 today and into tomorrow

Your Impact:
Description of Duties: The Mid-Level Cybersecurity Software Analyst supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:

• Perform software security audits to identify risks associated with software and provide a comprehensive security assessment for the MDA (Missile Defense Agency) IC ISSM. This can include known vulnerabilities published to the NIST NVD (National Vulnerability Database).
• Discover or compile a list of dependencies/bill of materials for software being audited.
• Use of various tools to discovery vulnerabilities within an application.
• Using your experience with various programming/scripting/query languages to correlate industry best practices for secure software development.
• Identify common security issues including input validation, error and exception handling, logging, access controls, SQL Injection, cross-site scripting (XSS), etc. and articulate how to mitigate or reduce impact of them.
• Correlating DISA STIG vulnerabilities and other policies with vulnerabilities discovered and documenting them to be consumable by a wide audience.
• Manage a queue of requests for software security audits.
• Assist with developing reporting metrics for team activities.
• Interact with requesters of varied backgrounds to determine use-case scenarios, understand application architecture and to help determine risk mitigation strategies.

The successful candidate will:

• Be able to independently perform all aspects of software security auditing.
• Have the ability to translate technical concepts into language understood by individuals from varied backgrounds.
• Be articulate and concise in both written and verbal communication with the ability to brief senior contract and government leadership.
• Work in a fast-paced, high-pressure, fluid environment.
• Be able to use the STIG viewer to identify and understand STIG requirements for various forms of software and discuss mitigation activities with a non-technical audience.
• Have a strong commitment to a team environment.
• Possess a willingness to learn new technologies and IT strategies.

This position can be filled at Schriever SFB, Colorado Springs, CO or Redstone Arsenal, Huntsville, AL
This position is expected to pay $100,000 - $110,000 annually; depending on experience, education, and any certifications that are directly related to the position.
This position will be posted for a minimum of 3 days. If a candidate has not been selected at that time, it will continue to be posted until a suitable candidate is selected or the position is closed.
Resumes, in month and year format, must be submitted with application in order to be considered for the position. The selected candidate will be assigned as an employee for Jacobs or one of our teammate companies.
Jacobs health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Typical benefits offered include flexible work schedules and opportunities to work remotely, educational reimbursement, retirement benefits (401K match), employee stock purchase plan, health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental leave. #cjpost
Here\xe2\x80\x99s What You\xe2\x80\x99ll Need:

Basic Requirements: Must have one of the following combinations of education and experience: HS Diploma (or GED) and 2 years of general experience; Associate\xe2\x80\x99s degree and 0 years of general experience.

• Must have 2.5 years of experience in an engineering role.
• Must be familiar with SQL Server, PostgreSQL or other databases in conceptual architecture and the associated query languages, etc.
• Must be familiar with at least one programming language and know the difference between compiled and interpreted languages.
• Must have a current IAT Level II Certification (Security+ CE)
• Must have, or be able to obtain, an active DoD Secret Clearance

Desired Requirements:

• Be able to perform manual source code/script reviews to determine relevance of automated findings.
• Have experience with one/any of the following languages: .NET, VB, Java, C+, C++, C, JavaScript, T-SQL, PL-SQL, Python, PowerShell, HTML, ASP, Bash, and Perl.
• Be familiar with some or all of these software technologies: Team Foundation Server (TFS), JIRA, Get, Internet Information Service (IIS), Tomcat, Docker, SQL Server, Oracle Database, Angular, MVC, etc.
• Be familiar with Fortify Source Code Analyzer (SCA).
• Have excellent written, verbal and interpersonal communications skills.
• Have a familiarity with the MDA and BMDS programs.

Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language.