Application Security Engineer
We are a fast-paced organization that values our people and always strives for excellence. Our delivery practices lean heavily on Agile methodology and our technologists are top notch. The Easy Dynamics culture is one of connection and collaboration across teams to ensure that we always put our best foot forward. Being in growth mode means that we are small enough that no idea is too small for discussion, and everyone can be an impact player.
Responsibilities:
• Provide application security expertise, continuous integration, software delivery, software quality, and systems documentation support to the agency’s digital assets, including the Bureau’s public- facing web site, consumerfinance.gov, as well as internal software tools;
• Work with the Application Development Team to discuss and implement security remediations for agency’s web products;
• Work closely with the agency’s Cyber Security and Systems Engineering teams to support compliance, secure baseline development, CVE remediation, and the use of best practices in an AWS FISMA moderate environment;
• Provide support to the agency’s Application Development Team in configuring and operating continuous integration and delivery (CI/CD) pipelines, incorporating security into build process using tools such as PrismaCloud, and identifying and resolving issues in the build-deploy- operation lifecycle;
• Use and apply the findings of robust application security monitoring tools, including assisting in the securing and maintenance of the agency’s website at consumerfinance.gov and internal software tools;
• Assist in building a strong technical foundation in build, release, and production using continuous integration tools such as Jenkins;
• Engage with various agency personnel to understand requirements in order to develop better software for the Bureau and identify new ways in which the development team can easily solve issues;
• Assist the agency’s Application Development team with security focus through participation in daily standup meetings, monitoring, development, and creating issues in the ticket system
• Provide training on a variety of security methodologies, best-practices, and tools along with insight into new technologies and solutions that could help the Application Team and the agency at large; and
• Assist in the development of Use Cases, Requirements Definition Documents, User and Administration Manuals, Detailed Design Specifications, and Training Manuals and Plans
Requirements:
• U.S. citizenship required
• Bachelor’s degree in related field
• At least 5 years of demonstrated experience in the following:
• Configure, operate, maintain, and monitor various application security tools and services
Experience working with vulnerability scanning tools to identify and resolve security vulnerabilities
• Expertise in integrating security testing in automated continuous delivery pipelines (Jenkins/Travis/Ansible)
• Experience working with a modern web development stack and toolchain
• Experience working with open source and community solutions
• Experience in FedRamp IaaS/SaaS
• Experience with monitoring software dependencies and automating the creation of an SBOM (software bill of materials)
• Collaborate, champion, and mentor software development teams and other stakeholders on secure software development, delivery, and operations
Salary Range: $110,000 - $130,000
ABOUT EASY DYNAMICS
Easy Dynamics has nearly two decades of hands-on experience designing, deploying, and managing cybersecurity solutions across organizations of every size. We are builders, problem solvers, and trusted advisors who bring well-architected solutions and management consulting to our clients to align them with the best practices their missions demand. As industry leaders, we are committed to delivering unparalleled quality and service in all aspects of our organization and providing our customers with outstanding technical excellence and the business acumen to advise them on both tactical and strategic initiatives.
Easy Dynamics’ culture is best described as “East Coast address, West Coast attitude, driven by a unique combination of talented individuals who routinely deliver with innovation, and technical excellence. By building a world-class team of engineers and subject-matter experts, we’ve cemented our standing as a trusted provider of next-generation identity and risk management solutions. Other core capabilities include Velum Cloud delivery, automation and resilience.
Easy Dynamics is an equal opportunity employer. Applicants are considered for positions without discrimination on the basis of race, color, religion, sex, national origin, age, disability, sexual orientation, gender identity, veteran status or any other consideration made unlawful by applicable federal state or local laws.