Cyber Security Engineer 101543 with Security Clearance

---

Job description

Cyber Security Engineer
Location: Boulder, CO.
Required Clearance: Secret Since 1999, ITEC has been a powerhouse in supporting mission-critical programs for the DoD and Intelligence community, building a solid reputation along the way. At ITEC, we don't just care for our employees-we champion them with competitive salaries, an outstanding employee care program, and a benefits package that includes Medical, Dental, Vision, Paid Time Off, and a 401k. Description: ITEC is seeking a well-qualified Senior Cyber Security Engineer to join the Cyber Security Engineering team securing some very interesting systems. The position provides secure software cybersecurity expertise; as well as guiding the secure implementation of databases. The successful candidate is expected to have proven experience implementing secure coding standards, the Defense Information Systems Agency (DISA) Application Security and Development Security Technical Implementation Guide (ASD STIG), database security, Python coding, and experience with the Risk Management Framework (RMF) process and artifact development leading to a successful Authorization to Operate (ATO). Continuous Integration / Continuous Deployment (CI/CD) pipeline and DevSecOps experience is highly desired; as is the ability to effectively perform in a dynamic, agile development environment. Job Responsibilities: Perform security analysis of software applications using both automated tooling (static code analysis, software composition analysis, fuzzing) and manual code and design review. Support integration of tools and processes into DevSecOps pipelines. Design, implement, and integrate improvements to software analysis continuous integration tooling.
Perform/analyze compliance scans and generate reports (e.g., STIG, SCAP, SCA, vulnerability scans, etc.). Support software developers in remediating issues identified during code analysis & support software developers in integrating security into system designs.
Required Skills: Experience with cyber security engineering projects (specifically focused on software security) and programs for U.S. Government clients. Typically requires a Bachelor's degree in Science, Technology, Engineering or Mathematics (STEM) and 5+ years of engineering experience in cyber security. Experience with Risk Management Framework (RMF), NIST 800-37, Continuous Monitoring IAW NIST 800-137, Patching IAW NIST 800-40, NIST 800-53 and CNSSI 1253. Experience identifying, exploiting, and remediating application vulnerabilities. Experience with one or more of the following programming languages: C++, Python, JavaScript (or TypeScript), Rust. Experience with using and configuring static code analysis tooling (e.g. Coverity, Klockwork, SonarQube, etc.). Experience with vulnerability discovery using fuzzing (AFL, AFL , honggfuzz, etc.). Develop and augment automation through scripting or programming and collaborating w/ teams for security functionality to meet cyber requirements. Required Security Certification in accordance with DoD 8570.01 IAT-II for a Linux environment (e.g., Security+ CE and Linux OS Certification); NOTE: Obtaining Security+ certification is required at start.
Desired Skills: Knowledge of secure coding practices and enforcement through DevSecOps pipelines. Experience identifying, exploiting, and remediating application vulnerabilities. Experience with application debugging, runtime instrumentation (Strace, eBPF), and reverse engineering (Ghidra, IDA Pro). Familiarity with threat modeling tools such as the MITRE ATT&CK framework. Ability to work in a team environment and work collaboratively across traditional engineering disciplines. Must be a self-starter capable of multitasking and efficiently managing your time.
Recruiter: Karen Knight ITEC is a wholly owned subsidiary of ManpowerGroup Public Sector.

<!– job description page –>