Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise. Software Security Engineer
Provide security technical services, including configuration and source code analysis using Static Code Analyzer for the support of a fast-paced Agile environment, to ensure all applicable National Institute of Standards and Technology (NIST) controls are being enforced, documented, and implemented in compliance with the DoD Software Approval Process. Perform consistent audits to ensure software is being developed and operated, as defined. Develop documentation in support of testing efforts, including Test Plans, Preliminary Findings Reports, Security Assessment Reports, and other similar test artifacts, as required by the client. This position is located in Rome, NY.
-Experience with performing source code analysis using the following example tools: HP Fortify, FindBugs, or Klocwork Static Code Analysis
-Experience with problem solving through out-of-the-box approaches
-Ability to perform software validation analysis, defining and documenting test plans and specifications required for regulatory compliance, and developing testing strategies and methodologies
-Active Secret clearance
-BA or BS degree
-Experience with UNIX or Linux-based operating systems, including Red Hat Enterprise Linux a plus
-Experience with security methodologies, system dependencies, and source code analysis processes
-Experience with information assurance, risk management framework (RMF), and Security Technical Implementation Guides (STIGs) a plus
-Experience with review and interpretation of DoD system requirements
-Knowledge of Configuration Management and Automation tools, including JIRA, Stash, Subversion, Confluence, or Jenkins
-Knowledge of Agile Development and Management with Agile Scrum
-Knowledge of Cloud and VM technology to design and implement automated testing and scanning strategies
-Ability to troubleshoot problems that occur during the configuration and scanning process in a fast-paced, constantly changing environment
-Ability to make recommendations that mitigate security vulnerabilities identified in reports
-Possession of excellent oral and written communication skills
-Active Top Secret clearance
-DoD 8570 IAT Level II Certification
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.
We are proud of our diverse environment, EOE, M/F/Disability/Vet.