SOFTWARE DEVELOPER-INTERMEDIATE (NGA) - Quantum Research Int'l
Springfield, VA 22009
About the Job
Overview:
Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Alliedgovernments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/ Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum’s Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation’s Warfighters. In addition to our corporate office, we have physical locations in Aberdeen; MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; and Tupelo, MS.
Mission:
As a member of the NGA DEFENDER team, the Software Developer (Intermediate) will support cybersecurity software assurance across NGA.
Responsibilities:
- Analyze information to determine, recommend, and plan the development of a new application or modification of an existing application.
- Analyze user needs and software requirements to determine feasibility of design within time and cost constraints.
- Apply coding and testing standards, apply security testing tools including "'fuzzing" static-analysis code scanning tools, and conduct code reviews.
- Apply secure code documentation.
- Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.
- Compile and write documentation of program development and subsequent revisions, inserting comments in the coded instructions so others can understand the program.
- Confer with systems analysts, engineers, programmers, and others to design application and to obtain information on project limitations and capabilities, performance requirements, and interfaces.
- Consult with engineering staff to evaluate interface between hardware and software.
- Correct errors by making appropriate changes and rechecking the program to ensure that desired results are produced.
- Design, develop, and modify software systems, using scientific analysis and mathematical models to predict and measure outcome and consequences of design.
- Develop secure code and error handling.
- Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration.
- Identify basic common coding flaws at a high level.
Requirements:
- Bachelor’s degree. In lieu of degree, CSSLP may be accepted.
- Understands computer networking concepts and protocols, network security methodologies, and risk management processes (e.g., methods for assessing and mitigating risk).
- Expertise with laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles, cyber threats and vulnerabilities, and the specific operational impacts of cybersecurity lapses.
- Understands complex data structures and computer programming principles.
- Knowledge of cybersecurity and privacy principles and methods that apply to software development.
- Familiar with low-level computer languages (e.g., assembly languages), operating systems, and programming language structures and logic.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Understands secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, and software development models (e.g., Waterfall Model, Spiral Model).
- Knowledge of web services (e.g., service-oriented architecture, Simple Object Access Protocol, and web service description language).
- TS/SCI eligible, subject to CI Polygraph.
- IAM Level 2
Desired/Preferred Skills:
- Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Equal Opportunity Employer/Affirmative Action Employer M/F/D/V:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.