ValidaTek, Inc. is an award-winning Small Business that provides high-security mission-critical IT services to the Federal Government. Our commitment to excellence in service delivery has resulted in dramatic growth and an expanding client base that includes several U.S. Federal Departments. The corporate infrastructure is robust and based on industry best practices as evidenced by our DCAA Approved accounting system, ISO 9001:2015, ISO 20000-1:2011, and ISO 27001:2013 certifications, and CMMI Level 5 for Services (CMMI-SVC Level 5) and CMMI Level 5 for Development (CMMI-DEV Level 5) appraisals. We pride ourselves on being the best and on attracting and retaining only the best talent to fuel our rapid growth. We promote a strong employee-focused corporate culture that provides a diverse, prosperous and rewarding place to work. We provide our employees with competitive benefits, educational assistance, and career growth opportunities. Every employee is valued for their contributions and we all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.
The position is part of a team supporting the operations and maintenance of a large-scale, worldwide enterprise IT environment covering application hosting and support, enterprise services, and infrastructure services. The candidate will serve as a Tier III expert security analyst focused on application security for the Department of State, Bureau of Consular Affairs, Office of Consular Systems and Technology. The ideal candidate will be well-versed in security monitoring, incident response, and application security.
Reviews asset discovery and vulnerability assessment data, application security scan data, application and database event and security log data, security sensor tool events and alerts, network traffic data and perimeter security data.
Explores ways to identify stealthy threats that may have found their way inside the customer network, without detection, using the latest threat intelligence.
Reviews results of penetration tests on production, test and development systems to validate resiliency and identify areas of weakness to fix.
Recommends how to optimize security monitoring tools and security infrastructure devices based on threat hunting discoveries.
Applies experience in implementing and enhancing application security on a variety of web development platforms, and secure configuration of a variety of hosting environments.
Mentors Tier I and Tier II SOC Analysts on application security threat vectors and event analysis.
Researches threat vectors relevant to the enterprise technology baseline and threat intelligence, and reports relevant findings to application development teams, SOC Analysts, and customer leadership and stakeholders.
Reviews the escalation process and incident reports.
Reviews and revises SOC policies, procedures, SOPs, and playbooks.
Develops interface control documentation and security monitoring plans tailored to custom applications.
Interviews application development teams to discover and understand the traffic and behaviors of application users, and then uses that knowledge to examine production application traffic and performance to identify unusual traffic and behavior.
Creates searches, reports, alerts and dashboards in Splunk to track errors and anomalies in application traffic and user behavior that may represent suspicious or malicious activity.
Education and Certifications
BS/BA in related field preferred, or equivalent combination of education and experience.
Active Secret Clearance (Eligible for TS Clearance)
ITIL v3 Foundation (Required within 90 days of hire)
Certified Security professional (CISSP preferred)
Certifications in application security (CASE, CSSLP, CASS, GWEB, etc. preferred)
Certified Ethical Hacker preferred
Knowledge and Experience
Strong leadership and communication skills
3 - 5 years of experience with security incident response and recovery
3 - 5 years of experience with application security and application development
5 - 10 years of experience analyzing web application event logs and network traffic logs
Strong experience with .NET development and testing preferred
Experience with Windows Server, RHEL, VMware and container platforms preferred
Familiar with using data visualization tools
Familiar with using static code analysis tools and dynamic application testing security tools
Familiar with using Splunk (certified power user preferred)
Applicants who are selected for employment will be required to verify authorization to work in the United States.
ValidaTek is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status.