✨ Fill and validate PDF forms with InstaFill AI. Save an average of 34 minutes on each form, reducing mistakes by 90% and ensuring accuracy. Learn more
AI Apps for Job SeekersFill PDF Forms with Instafill AI ✨

Software Developer

Bravo Consulting Group, LLC North Springfield, Virginia
software security software design enterprise management cybersecurity tools analysis language software development languages architecture
Apply
November 17, 2022
Bravo Consulting Group, LLC
North Springfield, Virginia
Title : Software Developer


Location : Springfield, VA


Job Summary


Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.


Responsibilities Include


  • Analyze information to determine, recommend, and plan the development of a new application or modification of an existing applications.
  • Apply coding and testing standards, apply security testing tools including "'fuzzing" static-analysis code scanning tools, and conduct code reviews.
  • Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.
  • Confer with systems analysts, engineers, programmers, and others to design application and to obtain information on project limitations and capabilities, performance requirements, and interfaces.
  • Design, develop, and modify software systems, using scientific analysis and mathematical models to predict and measure outcome and consequences of design.
  • Identify security implications and apply methodologies within centralized and decentralized environments across the enterprise's computer systems in software development.
  • Identify security issues around steady state operation and management of software and incorporate security measures that must be taken when a product reaches its end of life.
  • Address security implications in the software acceptance phase including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
  • Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.
  • Supervise and assign work to programmers, designers, technologists and technicians, and other engineering and scientific personnel.
  • Identify and leverage the enterprise-wide security services while designing and developing secure applications (e.g., Enterprise PKI, Federated Identity server, Enterprise Antivirus solution) when appropriate.
  • Conduct trial runs of programs and software applications to ensure that the desired information is produced, and instructions and security levels are correct.
  • Develop software system testing and validation procedures, programming, and documentation.
  • Apply cybersecurity functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities.
  • Determine and document software patches or the extent of releases that would leave software vulnerable.


Required Qualifications


  • Active TS/SCI
  • IAT Level II Certification
  • Experience in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • conducting software debugging.
  • Skilled in creating and utilizing mathematical or statistical models.
  • Experience creating programs that validate and process multiple inputs including command line arguments, environmental variables, and input streams.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Experience in local area and wide area networking principles and concepts including bandwidth management.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Understanding of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Experience with the secure test plan design (e. g. unit, integration, system, acceptance).
  • Skilled in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
  • Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Knowledge of organization's evaluation and validation requirements.
  • Knowledge of software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, simplicity/minimization).
  • Skilled in writing code in a currently supported programming language (e.g., Java, C++).
  • Knowledge of low-level computer languages (e.g., assembly languages).
  • Knowledge of organization's enterprise information security architecture.
  • Knowledge of cybersecurity and privacy principles and methods that apply to software development.
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Knowledge of Privacy Impact Assessments.
  • Knowledge of software development models (e.g., Waterfall Model, Spiral Model).
  • Knowledge of structured analysis principles and methods. K0086: Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools.
  • Knowledge of web services (e.g., service-oriented architecture, Simple Object Access Protocol, and web service description language).
  • Knowledge of interpreted and compiled computer languages.
  • Awareness of supply chain risk management standards, processes, and practices.
  • Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
  • Understanding of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).


Compensation Package


Bravo's commitment to people first is demonstrated in the benefits we provide to our team members: We provide industry leading benefits including:


  • Paid medical, dental and vision benefits
  • 401K program with employer match
  • Commute stipend
  • 32 Days PTO (15 vacation, 7 sick, 10 federal holidays)
  • Profit Sharing
  • Phantom Stock Options


Company Overview


Bravo Consulting Group, LLC (Bravo) taps into the power of Microsoft technologies to develop custom software applications and solutions for Federal, State, Local, and Commercial organizations. Since our inception in 2007, we have pioneered enterprise applications that have become central components in our clients' business success. Our customer-centric focus has allowed us to implement improved technologies, develop high-end business solutions, and transform digital services. Our vast technology and industry expertise enable us to partner with clients to deliver sophisticated solutions rapidly and on budget.


Powered by JazzHR
Report this job

Similar jobs near me

Related articles