Junior Software Engineer

Junior Software Engineer
Schriever SFB
Colorado Springs, Colorado

HX5 is an award-winning provider of engineering, research and development, and technical services to clients such as NASA and the Department of Defense. Founded in 2004, HX5 is a fast-growing veteran- and woman-owned company with locations nationwide.

HX5 is currently seeking a Junior Software Engineer to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at Schriever Air Force Base in Colorado Springs, CO.

Essential Duties and Responsibilities:

• Learn to perform software security audits identifying risks associated with software and provide a comprehensive security
  assessment for the MDA IC ISSM. This will include known vulnerabilities published to the National Institute of Standards
  and Technology (NIST) National Vulnerability Database (NVD).
• Discover and compile a list of dependencies/bill of materials for software being audited.
• Use of various tools to discover vulnerabilities within a software application.
• Use various programming/scripting/query languages to correlate industry best practices for secure software
  development.
• Identify common security issues including input validation, error and exception handling, logging, access controls, SQL Injection, cross-site scripting (XSS), etc. and articulate how to mitigate or reduce their impact.
• Help correlate Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG)
  vulnerabilities and other policies with vulnerabilities discovered and documenting them to be consumable by a wide
  audience.
• Monitor a queue of requests for software security audits.
• Assist with developing reporting metrics for team activities.
• Occasional Interaction with requesters of varied backgrounds to determine use-case scenarios, understand application
  architecture and to help determine risk mitigation strategies.

The successful candidate will:

• Be able to independently perform all aspects of software code auditing.
• Have the ability to translate technical data into a format understood by individuals form varied backgrounds.
• Be articulate, in both written and verbal communication, able to brief senior Contract and Government leadership.
• Work in a fast-paced, high-pressure, changing environment.
• Be able to use the STIG viewer and identify, understand and apply STIGs required for review of the software
• Have a strong commitment to a team environment.
• Possess a willingness to learn new technologies.
• Have the ability to de-conflict request/requirements.

Salary: This position is expected to pay $80,000-$100,000 annually; depending on experience, education, and any certifications that are directly related to the position.

Education and Experience:

• Must have 6, or more, months of IT related experience.
• Must be conceptually familiar with databases.
• Must be familiar with at least one programming or scripting language and know the difference between compiled and
  interpreted languages.
• Must be able to maintain a restricted badge and work on site 4+ days per week.
• Must have a current IAT Level II Certification (Security+ CE) or be able to obtain within 6 months of hire.
• Must have, or obtain, an active DoD Secret Clearance.

Desired Requirements:

• Be able to perform manual code reviews to filter out false positive results for automated code review findings.
• Be familiar with secure programming theory, common software and database security vulnerabilities, and remediation
  processes.
• Have experience with one/any of the following languages/technologies: .NET, VB, Java, C+, C++, C, JavaScript, Python,
  PowerShell, Team Foundation Server (TFS), JIRA, Get, Internet Information Service (IIS), Tomcat, Docker, Kubernetes,
  SQL Server, Oracle Database, Angular, MVC, HTML, ASP, Bash, and Perl.
• Be proficient in using Fortify Source Code Analyzer (SCA).
• Have excellent written, verbal and interpersonal communications skills.
• Have a Microsoft Development certification such as Azure, Foundations, etc.
• Have a familiarity with the MDA and BMDS programs.

Position Type/Expected Hours of Work:

This is a full-time position requiring 40 hours per week and offers a flexible work schedule Monday through Friday during core business hours.

Other Position Requirements:

• Proof of U.S. Citizenship or US Permanent Residency is a requirement for this position.
• Must be able to complete a U.S. government background investigation.
• Must be able to obtain a Secret clearance.
• Must be able to travel, including air travel.
• Must have a valid Driver's License.

HX5 offers a competitive salary and benefits package to include:

• Medical/Dental/Vision Insurance
• 401(k) plan with Company Match
• Paid Holidays
• Paid Time Off
• Parental Leave
• Life Insurance
• Tuition Reimbursement
• Medical and Dependent Care Flexible Spending Accounts
• Pet Insurance

HX5, LLC is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, age, national origin, ancestry, citizenship, disability, or veteran status.

HX5, LLC is a Drug Free Workplace Employer.

ACCESSIBILITY NOTICE:

If you need a reasonable accommodation for any part of the employment process due to a physical or mental disability, please call (850) 362-6551.

CJ