Software Security Engineer

Vistronix, Inc. Greenbelt , MD 20770

Posted 2 weeks ago

ASRC Federal Technical Services (ASTS) is responsible for managing the NASA Goddard Software Engineering Services II (SES II) contract.

ASTS provides IT and Intelligence services to the federal defense and intelligence communities. Our focused solutions offer efficiency, agility, and innovation. We resolve issues quickly and provide ideas and solutions to help our customers fix problems and overcome challenges. ASTS is looking for a Flight Software Security Engineer to support its Software Engineering Services -- II (SES-II) contract at the NASA Goddard Space Flight Center (GSFC) in Greenbelt, Maryland.

Roles/Responsibilities:

The core Flight System (cFS) is a platform and project independent reusable software framework and set of reusable software applications. There are three key aspects to the cFS architecture: a dynamic run-time environment, layered software, and a component based design. It is the combination of these key aspects that makes it suitable for reuse on any number of NASA flight projects and/or embedded software systems at a significant cost savings. To support reuse and project independence, the architecture contains a configurable set of requirements and code. The configurable parameters allow the cFS to be tailored for each environment including desk-top and closed loop simulation environments.

We are looking for a skilled Flight Software Security Engineer to analyze the cFS software platform's design and implementation from a security perspective to identify and resolve security and vulnerability issues. You will include the appropriate security analysis, defenses and countermeasures at each phase of the software development lifecycle, to result in a more robust and reliable development platform.

Essential Job Functions:

  • Software Security Assessment: Evaluate applications for appropriate and effective use of security controls using tools and techniques such as source code analysis, vulnerability scanners, and manual testing techniques.

  • Application Security Control Development: Provide expert guidance to developers on the appropriate selection and implementation of relevant application security controls.

  • Support the planning and execution of the application security testing and evaluation program with possibility to mentor junior team members

  • Advise and consult internal clients on appropriate application of security practices and existing security services to solve problems or enable new business opportunities.

  • Research and implement new security technologies to be used as point solutions for IT initiatives unable to take advantage of or needing greater functionality than reusable enterprise security services.

  • Recommend new security service development ideas based on accumulated knowledge of project-specific security requirements. Identify and implement improvements to application security team processes and supporting software tools to continually improve the team's effectiveness and efficiency.

  • Serve as subject matter expert on application and information security technologies and methodologies.

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.

  • B.S in Computer Science, or equivalent education or experience with at least fifteen (15) years of professional experience. Emphasis in software security a plus.

  • Experience providing software architecture security guidance, including developing application threat models and methodically protecting against business logic and design flaws that could introduce security vulnerabilities.

  • Knowledge of design patterns and coding standards for secure software.

  • Knowledge of general application security API's and protocols

  • End-to-end, hands-on experience in software security solutions

  • Strong written and verbal communication skills. Specific relevant experience may include technical reports (especially application security assessment reports), technical whitepapers, presentation development and delivery (for both technical and business audiences), technical training, etc. Candidate should have experience making and defending sound technical arguments that incorporate relevant technical and business considerations and building consensus among stakeholders.

  • Ability to obtain National Agency Check Inquiry (NACI) personal background check.

  • US Citizenship is required.

Additional Desirable Skills:

  • Security Awareness Training: Design, develop and deliver presentations focused on raising awareness for crucial security relevant considerations and defensive programming techniques.

  • Knowledge of cryptographic tool kits for application development such as RSA BSAFE or others.

  • Knowledge of cryptographic solutions for protection of data in use, in transit

  • Experience with assembler code.

  • Experience with real time operating systems VxWorks and RTEMS

  • Familiarity with ASIST procs

  • Familiarity with NASA cFS

  • Experience with spacecraft operations

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cfs Flight Software Test Engineer

Vistronix, Inc.

Posted 3 days ago

VIEW JOBS 3/25/2020 12:00:00 AM 2020-06-23T00:00 ASRC Federal Technical Services (ASTS) provides IT and Intelligence services to the federal defense and intelligence communities. Our focused solutions offer efficiency, agility, and innovation. We resolve issues quickly and provide ideas and solutions to help our customers fix problems and overcome challenges. ASTS is looking for a Senior Flight Software Test Engineer to support its Software Engineering Services -- II (SES-II) contract at the NASA Goddard Space Flight Center (GSFC) in Greenbelt, Maryland. Roles/Responsibilities: The core Flight System (cFS) is a platform and project independent reusable software framework and set of reusable software applications. There are three key aspects to the cFS architecture: a dynamic run-time environment, layered software, and a component based design. It is the combination of these key aspects that makes it suitable for reuse on any number of NASA flight projects and/or embedded software systems at a significant cost savings. To support reuse and project independence, the architecture contains a configurable set of requirements and code. The configurable parameters allow the cFS to be tailored for each environment including desk-top and closed loop simulation environments. We are looking for a highly skilled Flight Software Test Engineer to provide testing support for the certification effort of the Core Flight Software (cFS) system as class A, safety-critical flight software. Essential Job Functions: * Software Issue and Bug resolution by analyzing C code to identify and resolve errors * Update processes, policies, and design documents as needed for compliance * Review requirements, specifications and technical design documents to provide timely and meaningful feedback * Create detailed, comprehensive and well-structured test plans and test cases * Write and debug test cases, as well as analyze and review testing results * Estimate, prioritize, plan and coordinate testing activities in a team environment * Liaise with internal teams (e.g. developers and product design leads) to identify/update system requirements * Track quality assurance metrics, like defect densities and open defect counts * Assist with research, evaluation and implementation of the latest cutting edge technologies in field of Automation, DevOps ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law. * S in Computer Science, or equivalent education or experience with at least ten (10) years of professional experience. Emphasis in flight software testing a plus. * Proven work experience in software development * Experience working with GIT or any other version control system * Experience implementing Continuous Integration and build automation systems * Exposure to working with the latest cutting-edge technologies in field of Automation, DevOps * Proven work experience in software quality assurance * Strong knowledge of software QA methodologies, tools and processes * Expertise in automation framework architecture: designing, implementing, and working with multiple, diverse automation frameworks, particularly Open Source * Experience in writing clear, concise and comprehensive test plans and test cases * Strong written and verbal communication skills. * Ability to obtain National Agency Check Inquiry (NACI) personal background check. * US Citizenship is required. Additional Desirable Skills: * Experience with real time operating systems VxWorks and RTEMS * Familiarity with ASIST procs * Familiarity with NASA cFS Experience with flight software Development Vistronix, Inc. Greenbelt MD

Software Security Engineer

Vistronix, Inc.