Cyber Software Engineer II

About The Position

Requirements

• Ability to obtain and maintain a SECRET security clearance.
• Possess or ability to obtain a CompTIA Security+ certification (or DoDM 8140.03 equivalent or higher certification) within 90 days of hire.
• Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, Software Engineering, or a closely related technical discipline.
• 3–5 years of hands-on software development experience with a demonstrable focus on security.
• Experience should include work on modern codebases (Python, Go, C/C++, or Java) and participation in secure-by-design projects.
• Proven experience with Linux Command Line Interface (CLI) and Bash shell.
• Proven experience conducting static application security testing (SAST), dynamic application security testing (DAST), dependency-chain scanning, and threat modeling.
• Familiarity with tools such as SonarQube, CodeQL, Burp Suite, Trivy, or similar.
• Strong analytical and communication skills.
• Ability to influence cross-functional teams.
• Commitment to mentorship and continuous learning.

Nice To Haves

• A Master’s degree or equivalent advanced coursework in security-focused subjects.
• Familiarity with National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF), Risk Management Framework (RMF), and/or Secure Software Development Framework (SSDF).
• Familiarity with Defense Information Systems Agency (DISA), Center for Internet Security (CIS), International Organization for Standardization (ISO), or equivalent cyber security standards providers.
• Practical knowledge of continuous integration/continuous delivery platforms (GitLab CI, Azure DevOps, Jenkins, GitHub Actions) and the ability to integrate security gates, automated scans, and policy-as-code into pipelines.
• Experience writing reusable Python automation scripts or modules.
• Strong command of Python for security tooling, plus competence in at least one additional language (e.g., Go, C/C++, Java) to understand and influence production code.
• Excellent written and verbal communication skills, with the ability to translate complex security concepts into clear documentation and to work effectively with product owners, architects, DevOps, QA, and other cross-functional teams.
• Evidenced commitment to staying current on emerging threats, vulnerabilities, and industry best practices through self-directed study, conferences, or participation in professional communities.

Responsibilities

• Lead the definition of security architecture for new features and major refactors.
• Conduct threat-modeling investigations.
• Translate product requirements into concrete security controls.
• Spearhead comprehensive vulnerability assessments (static, dynamic, and dependency-scanning).
• Prioritize vulnerability remediation.
• Ensure continuous compliance with frameworks such as NIST, ISO 27001, and DoD RMF.
• Design, develop, and maintain advanced Python-based automation that embeds security gates, secret scanning, policy-as-code, and automated remediation into CI/CD pipelines (GitLab, DevOps, Jenkins).
• Evaluate emerging tools (e.g., SBOM generators, runtime protection platforms) for enterprise adoption.
• Author clear, detailed security design documents, runbooks, and stakeholder-facing briefs.
• Mentor junior engineers on secure coding practices, code-review techniques, and security testing.
• Collaborate closely with product owners, system and software architects, DevOps, QA, and operations teams to ensure that secure, cyber-centric features are delivered on schedule.
• Ensure security considerations are baked into sprint planning and release cycles.

Benefits

• Medical
• Dental
• Vision
• Life Insurance
• Short-Term Disability
• Long-Term Disability
• 401(k) match
• Flexible Spending Accounts
• EAP
• Education Assistance
• Parental Leave
• Paid time off
• Holidays