Cyber - ISSE/ Security Engineer - Architect (Sr)

Information Security and Vulnerability Engineer

Washington, DC / Hybrid

Must

Active DoD Secret clearance

Experience ISSE

10+ years of overall IT security engineering experience

Strong understanding of DevSecOps tools and processes

Experience working with Azure

Must know OWASP top risks and mitigations

Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools

Previous work writing/developing CI/CD pipelines using YAML

Experience with Fortify static tools (Fortify SCA, Fortify WebInspect, Sonatype) is a must

Solid understanding of other core programming languages such as C#/.NET, Java, Node.js, PHP, etc. to aid in troubleshooting of customer CI/CD pipelines

PowerShell/Python Scripting

Experience reviewing and validating outputs of code scans to assist customers in identify true positives and provide appropriate remediation guidance

Strong understanding of NIST Development Frameworks and how code scanning tools align

Security architecture experience is desire and a plus

Excellent communication skills both written and verbal

Able to present and speak regularly with stakeholders and non technical officials

Duties

Ideal candidate will bring senior level security and vulnerability experience and expertise to support multiple security teams and programs for DoD cand DoS clients

Responsibilities include being able to configure, implement and administer Fortify Static Code Analyzer, Web Inspect, OWASP and SonaType into the Azure DevOps pipeline and provide hands-on technical subject matter expertise for applications using the application scanning tools

Maintain Azure DevOps pool agent servers

Monitor and coordinate security findings

Manage the program testing processes and testing activities of the security program

Manage the resolution of open issues and communicate essential information to stakeholders

Administer applications and users and field troubleshooting questions for users and other stakeholders

Analyze internal security and provide relevant information to internal and external stakeholders

Help with writing/developing CI/CD pipelines, maintaining/configuring build agents, and generating documentation and statements of procedures for these processes

Ability to troubleshoot, via log analysis, both frequent and infrequent technical issues related to CI/CD pipeline run errors

Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability.