AASKI Technology is a dynamic government services and solutions provider to multi-faceted Military and Commercial sectors. By creating a highly stable work environment centered on fulfilling our customers’ needs, AASKI fosters a challenging work environment for its employees.
US Citizenship and the ability to maintain a DoD security clearance required.
As directed by the Government lead, the candidate will assess the compliance of systems to web-services and security engineering standards and best practices for application architecture, security, and performance aspects of individual systems and their operation in the enterprise's suite of capabilities, as part of an overall systems engineering assessment of the systems. Assess the infrastructure supporting development, test, quality assurance, fail-over, and production. Methodologies to include interviewing developers, testers, and infrastructure providers; attending team meetings and peer reviews; participate in integrated product teams; review architecture, code, and test results of functionality, vulnerabilities, and performance; participation in test events; trace requirements through functional allocation to components to tests or demonstrations. Document findings associated with assessment. Perform analysis of findings and generate recommendations for development teams and managers. Summarize assessments, finding, and recommendations in a manner understandably by both technical managers and senior leadership. Participate in briefings of development teams, managers, and senior leadership. Research evolving standards and best practices in web-services and security engineering and update assessment practices. Other duties as assigned include as examples, education of development teams and management in web services and security engineering best practices and standards, security engineering and vulnerability detection, assessment, and risk reduction, and DevOps concepts.
Web services development and design with integrated security engineering experience
Experience designing and implementing web services based on WS standards
Experience using static code and dynamic analysis tools to identify and reduce security vulnerabilities
Experience allocating and instrumenting measurement of performance and availability / reliability into components of solution architectures
Experience with integrating on-going security patching and middleware upgrades into development and operational environments
Familiarity with the performance impacts of virtualization, NAS / SAN convergence, enterprise service bus concepts are pluses
Skill set must include: Java, C, C++, REST, SOAP, WS- / WS* standards, static code and dynamic analysis tools, and preferably Security Information Event Management (SIEM) tools experience (e.g. Fortify, WebInspect, Splunk, ArcSight / LogRhythm). Performance measurement tools preferred (e.g. LoadRunner). Familiar with NIST 800 series and OWASP. DoD RMF and DoD Architecture Framework are pluses
AASKI provides an excellent package of comprehensive benefits for full-time employees beginning the first day of employment.
Experience working in a CMMI Level 3 project/business environment a plus for all open positions. US Citizenship and the ability to obtain and maintain a Security clearance required. Equal Opportunity Employer Minorities/Women/Veterans/Disabled. Solicitations/Advertisements for Employees shall state that all qualified applicants will receive consideration for employment without regard to their veteran status or on the basis of disability. All employees of the Company are employed “At Will.” This means that either the employee or the Company is free to end the employment relationship at any time, for any reason, with or without cause and with or without notice.