Company: TRISTAR (Tri Star Engineering, Inc.)
Apply For Position At
Location: US IN-Bloomington
Employee Type: Full-Time/ Exempt
Travel Required: Yes - 10%
Relocation Accommodation: Yes
Approximate Start Date: Upon Suitable Candidate Selection
Posting Close: Upon Suitable Candidate Selection
TRISTAR is an Application Security Engineer for our upcoming government customer in Bloomington, IN
Position Description
The Application Security Engineer Analyze and review the existing IA/cyber security documentation, implementation, and testing and provide recommendations for changes/updates
Provide extensive knowledge and capability in utilization of static code analysis tools such as Sonarqube software and adjudication of findings
Provide software support for container and Kubernetes hardening in compliance with the RAISE 2.0 Implementation Guide and NSA & CISA Kubernetes Hardening Guidance v1.1 and DISA Container Hardening Guide v1.1
Position Responsibilities
Analyze static code to identify and mitigate security vulnerabilities
Maintain and update POA&Ms to track and prioritize security measures
Perform STIG checklists to ensure compliance with security standards
Interface with customers to provide timely updates, guidance, and information on application security
Collaborate with cross-functional teams to implement and enforce security best practices
Stay abreast of the latest security trends, threats, and technologies to continuously improve security measures
Position Requirements
Experience as a software developer/engineer. Able to understand and analyze code, preferably from a C# perspective
Proven experience in application security, including analyzing static code
Strong knowledge of POA&Ms and experience in maintaining and updating them
Familiarity with STIG checklists and the ability to perform security assessments
Excellent communication skills with the ability to interface with customers effectively
Knowledge of industry-standard security frameworks and best practices
Relevant certifications such as CISSP, CSSLP, or equivalent are a plus
MUST be a US Citizen
Must have active Secret Clearance or the ability to obtain one
Preferred Skills
Experience with automated security testing tools
Familiarity with DevSecOps practices
Strong scripting and programming skills
Education And Certification
Bachelor's degree in Computer Science, Information Security, or related field
IAT level II certification with DoD 8570 (Example CompTIA Security Plus) or willingness to obtain prior to start date
COVID Policy: TRISTAR does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed in accordance with contract when work is performed at a customer site.
TRISTAR is an Equal Opportunity Employer with a commitment to diversity. All individuals, regardless of personal characteristics, are encouraged to apply. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, disability or veteran status
SimplyApply
