Secure Software Assessor - Intermediate with Security Clearance

---

Job description

Title Secure Software Assessor - Intermediate Full-Time/Part-Time Full-Time Description RiVidium Inc (dba, TripleCyber) is seeking a Secure Software Assessor who analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results. TASKS: Apply coding and testing standards, apply security testing tools including "'fuzzing" static-analysis code scanning tools, and conduct code reviews. Apply secure code documentation. Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules. Develop threat model based on customer interviews and requirements. Consult with engineering staff to evaluate interface between hardware and software. Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration. Identify basic common coding flaws at a high level. Identify security implications and apply methodologies within centralized and decentralized environments across the enterprise's computer systems in software development. Identify security issues around steady state operation and management of software and incorporate security measures that must be taken when a product reaches its end of life. Perform integrated quality assurance testing for security functionality and resiliency attack. Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. Address security implications in the software acceptance phase including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing. Store, retrieve, and manipulate data for analysis of system capabilities and requirements. Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria. Perform penetration testing as required for new or updated applications. Consult with customers about software system design and maintenance.ABILITIES: Ability to use and understand complex mathematical concepts (e.g., discrete math). Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.Requirements: Bachelor degree or higher from an accredited college or university Prefer an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field. Certification(s): IASAE Level 2 About the Organization Established in 2008, RiVidium, Inc. (dba TripleCyber) is a VA-Verified SDVOSB and an SBA-Certified 8(a) company. To prepare our clients for the future, RiVidium has balanced all parts of our organization to attract the finest employees in order to 'Strive to be the missing element defining tomorrow's technology'. RiVidium keeps pace and surpasses its competitors by meeting challenges of advancements in Logistics, Human Capital, Cyber, Intelligence & Technology. EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. If you need a reasonable accommodation for any part of the employment process, please contact Human Resources (HR) at . This position is currently accepting applications.

<!– job description page –>