Cyber Threat Engineer, Piper Companies, Fort Belvoir, VA
Piper Companies -
Fort Belvoir, VA,
US
Cyber Threat Engineer
Date Posted: 2024-06-02
Job description
Zachary Piper Solutions is currently seeking a Cyber Threat Engineer to join a federal project at Ft. Belvoir, VA. This role is hybrid and requires you to be onsite 2x a week and requires ACTIVE Secret Clearance .
Responsibilities for the Cyber Threat Engineer include:
o Proven experience in application security, including vulnerability assessments and code reviews.
o Perform regular security assessments of application code vulnerability scans.
o Analyze and interpret security scan results, identifying vulnerabilities, security risks, and validating reported false positives.
o Collaborate with Customers, Customer System Integrators and CRM's to ensure production application deploys are scanned, reviewed and approved.
o Monitor and respond to security incidents related to applications.
o Collaborate with the incident response team to investigate and mitigate security breaches.
o Stay up to date with the latest security threats, vulnerabilities, and industry best practices.
o Design and implement application security standards and guidelines.
o Oversee the development and improvement of application security policies and procedures.
o Ensure that applications comply with relevant security standards and regulations.
o Keep abreast of changes in security regulations and update security measures accordingly.
o Collaborate with development teams to implement secure coding practices and provide guidance on addressing security findings.
o Identify and provide remediation recommendations for security vulnerabilities in applications, APIs, and web services.
o Work closely with DevOps and IT teams to automate security testing processes.
Qualifications for the Cyber Threat Engineer include:
o Bachelor's degree in computer science, Information Security, or a related field.
o 5+ years of experience in application security or related roles.
o Solid understanding of web application security principles.
o Experience with SAST (Fortify, Checkmarx, SonarQube...) and DAST (WebInspect, Burp Suit) tools
o Proficiency in programming languages such as Java, Python, C++, C#, or others.
o Knowledge of web application security principles and common vulnerabilities.
o Familiarity with security frameworks and compliance standards (e.g., OWASP, NIST, ISO 27001).
o Understanding of secure coding practices and the OWASP Top 10.
o Experience with DevOps practices and tools.
o CompTIA Security+
Keywords : Army, US Army, Army Reserve, Army national Guard, RMF, NIST, FedRAMP, cyber, cyber engineer, threat hunter, cyber threat engineer, incident response, vulnerability assessment, security threats, devops, web application security, sonarqube, sast, burpsuit, java, python, C++, C#, security+, secret, clearance, top secret, ts, onsite, ft Belvoir, Lorton, Fairfax, Alexandria
Responsibilities for the Cyber Threat Engineer include:
o Proven experience in application security, including vulnerability assessments and code reviews.
o Perform regular security assessments of application code vulnerability scans.
o Analyze and interpret security scan results, identifying vulnerabilities, security risks, and validating reported false positives.
o Collaborate with Customers, Customer System Integrators and CRM's to ensure production application deploys are scanned, reviewed and approved.
o Monitor and respond to security incidents related to applications.
o Collaborate with the incident response team to investigate and mitigate security breaches.
o Stay up to date with the latest security threats, vulnerabilities, and industry best practices.
o Design and implement application security standards and guidelines.
o Oversee the development and improvement of application security policies and procedures.
o Ensure that applications comply with relevant security standards and regulations.
o Keep abreast of changes in security regulations and update security measures accordingly.
o Collaborate with development teams to implement secure coding practices and provide guidance on addressing security findings.
o Identify and provide remediation recommendations for security vulnerabilities in applications, APIs, and web services.
o Work closely with DevOps and IT teams to automate security testing processes.
Qualifications for the Cyber Threat Engineer include:
o Bachelor's degree in computer science, Information Security, or a related field.
o 5+ years of experience in application security or related roles.
o Solid understanding of web application security principles.
o Experience with SAST (Fortify, Checkmarx, SonarQube...) and DAST (WebInspect, Burp Suit) tools
o Proficiency in programming languages such as Java, Python, C++, C#, or others.
o Knowledge of web application security principles and common vulnerabilities.
o Familiarity with security frameworks and compliance standards (e.g., OWASP, NIST, ISO 27001).
o Understanding of secure coding practices and the OWASP Top 10.
o Experience with DevOps practices and tools.
o CompTIA Security+
Keywords : Army, US Army, Army Reserve, Army national Guard, RMF, NIST, FedRAMP, cyber, cyber engineer, threat hunter, cyber threat engineer, incident response, vulnerability assessment, security threats, devops, web application security, sonarqube, sast, burpsuit, java, python, C++, C#, security+, secret, clearance, top secret, ts, onsite, ft Belvoir, Lorton, Fairfax, Alexandria