"Alerted.org

Imagine One Technology & Management, Ltd. is seeking one (1) **Security Software Engineer.** This position is contingent upon award of the associated work and will be performed in Dahlgren, Virginia.

The **Security Software Engineer** will be expected to:

+ Debug and reverse engineer software.

+ Analyze Windows Events and Linux syslog's, boot logs and dmesg logs.

+ Program and debug Web 2.0, Java, Perl, Ada, C++, Tool Command Language (tcl/tk) scripts and graphical user interfaces (GUis) using Microsoft Visual tel and Rational ClearCase for software configuration management.

+ Recommend software modifications to systems to mitigate known vulnerabilities.

+ Operate and administrate computer systems running HP-UX, UNIX, Solaris, Linux and Microsoft Windows.

+ Identify security flaws in compiled and human readable source code.

+ Understand code utilizing real-time VxWorks and Lynx OS operating systems, Common Object Resource Broker Architecture (CORBA), firewalls and networking protocols.

+ Understand how to implement NSA approved encryption technologies and devices.

+ Apply DISA Security Technical Implementation Guides (STIGs).

+ Apply virtual hosting and server technology in system architectures.

+ Understand and apply the concept of deceptive technology such as honey pots in system architectures.

+ Participate in Code Reviews. Perform Static Source Code Analysis. Author recommendations for improving software and code design.

+ Contribute to a System Security Administrator and Operators Manual (SSAOM).

Desired Experience:

+ Five (5) years of experience in software engineering applied to program development; modeling and simulation applied to DoD or Information Technology systems.

+ Five (5) Years experience in:

1. Linux – firm grasp/demonstrated knowledge

2. Associated Training: COMPTIA Linux+ or FedVTE Linux+ Five (5) Years experience in:

1. Windows – foundational knowledge with good understanding of enterprise networks

2. Associated Training: Microsoft course (MCSA; Various)

+ Strong working knowledge of common Penetration Testing (PENTEST) tools:

1. Kali, Metasploit, NMAP, Cobalt Strike

2. Associated Training: Certified Ethical Hacker or Offensive Security Certified Professional and;

3. Documented experience in at least one of the following:

1. Penetration Testing (PENTEST) (government or contractor)

2. Red Team Operations (government or contractor)

3. Tool/Software Development (exploits/malware, C2, reverse engineering, bug bounties)

4. Python, C, C Sharp, C++, Go, Perl, Powershell

5. Web Dev/Web App Dev/Web Penetration testing

4. PHP, ASP, SQL db's, Java, HTML, No SQL [VW1]

Educational Requirements:

+ Minimum certification as IAT Level II per DoD 8570.01, or successor.

+ Minimum certification as penetration tester and possess one of the following certificates:

1. Offensive Security Certs: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), Offensive Security Wireless Professional (OSWP)

2. SANS Certs: SEC560 - Network Penetration testing and Ethical Hacking (GPEN Certification), SEC542 - Web App Penetration Testing and Ethical Hacking (GWAPT Certification), SEC660 - Advance Penetration Testing. Exploit Writing, and Ethical Hacking (GXPN Certification), SEC642 - Advanced Web App Penetration Testing and Ethical Hacking, SEC564 - Red Team Operations and Threat Emulation

3. OSD Sponsored Cyber Operation Academy Course (COAC) graduates.

+ Bachelor’s degree desired

Security Requirements:

+ Active DoD Top Secret clearance required

Imagine One Technology & Management, Ltd., offers a full package of benefits and competitive salary, excellent group medical, vision, and dental programs. 401K savings plan; $4K annual tuition reimbursement ($5K if pursuing master’s degree); employee training, development, and education programs; profit sharing; advancement opportunities; and much more!

_ISO 9001:2015, ISO 20000-1:2018, ISO 27001:2013_

_CMMI Development and Services - Maturity Level 3_

_An Employee-Owned Business_

_EEO/Veterans/Disabled_