SECURE SOFTWARE ASSESSOR (CYBER-NGA)

Overview:
Quantum Research International, Inc. (Quantum) provides our national defense and federal civilian and industry customers with services and products in the following main areas: 1) Cybersecurity and Information Operations; 2) Space Operations and Control; 3) Aviation Systems; 4) Ground, Air and Missile Defense, and Fires Support Systems; 5) Intelligence Programs Support; 6) Experimentation and Test; 7) Program Management; and (8) Audio/Visual Technology Applications. Quantum's Corporate Office is located in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Aberdeen, MD; Colorado Springs, CO; Crestview, FL; Orlando, FL; and Tupelo, MS..

Mission:

Quantum Research Intl is seeking a motivated and skilled intermediate Secure Software Assessor. As a member of the NGA DEFENDER Cybersecurity Software Assurance team, the contractor shall provide security assessments for NGA Test Organization (NTO) activities that require a Certificate-to-Field (CtF). The NTO Security Assurance Team reviews program-provided Version Description Documentation (VDD), Ops Memos, Application Deliveries, SecGrams, InfoGrams and Memograms to ensure that security changes, custom code, applications, operating systems, and configuration changes are in compliance with requirements. The Secure Software Assessor analyzes the security of new or existing computer applications, software, or specialized utility programs on or preparing to deploy on NGA systems and provides actionable results. This position is available immediately at NGA Campus East in Springfield, VA.

Responsibilities:

• Determine the risk of using commercial, government, and open source software and employ techniques to mitigate risk during the software development life cycle (SDLC).
• Manage security impact evalution in NTO test cases.
• Coordinate with programs to obtain supporting documentation for review of security relevant changes, and approve or deny this NTO security phase within the government approved evaluation process and workflow management tool.
• Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.
• Consult with engineering staff to evaluate interface between hardware and software.
• Identify basic common coding flaws at a high level, identify security implications, and apply methodologies within centralized and decentralized environments across the enterprise's computer systems in software development.

Requirements:

• TS/SCI eligible, subject to CI Polygraph

• IAM or IAT Level 2- certifications or better

• Bachelor's degree. In lieu of degree, Sec+, CSSLP, or GSEC may be accepted.

• Experience with Computer Network Defense (CND) Intelligence Analysis, Assessments, and/or Open-Source Research.

• Knowledge of Government standards for data security such as markings, handling of classified and unclassified information, and how to handle the distribution of this information.

• Knowledge of computer networking concepts and protocols, and network security methodologies, as well as risk management processes (e.g., methods for assessing and mitigating risk).

• Understands basic system and application security threats and vulnerabilities.

• Familiar with the software development lifecycle.

Desired/Preferred Skills

• Familiar with secure software deployment methodologies (agile, waterfall, devops, etc), tools, and practices.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Equal Opportunity Employer/Affirmative Action Employer M/F/D/V: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

#LI-JL1 #LI-Onsite