Senior Software Cyber Vulnerability Engineer

About The Position

Requirements

• Active DoD Secret Clearance is required
• College Degree in Bachelors of Science in Computer Science, Engineering or related field.
• At least 10 years of experience in software development, with a focus on .Net development in respect to developing rest API interfaces, web technology and Database access functions.
• Proficiency using C++, python and C#
• Experience with working with Cyber teams and providing recommendations on to correct code and/or assist in generating POAMS on source code
• Experience in performing ASD Stigs on development environments.
• Proficiency using CXSAST tools and determining vulnerabilities of packages of Tools
• Knowledge of Object Oriented (OO) Design & Development including the use of software design patterns
• Experience with Agile Development methodologies including use of version control systems (e.g., Git), issue/problem tracking systems (e.g., Jira), and team collaboration software (e.g., Confluence).

Nice To Haves

• Experience working in government/defense labs and their computing restrictions.
• Knowledge of Distributed Testing and Training
• Knowledge of the Test and Training Enabling Architecture (TENA), Cloud Hybrid Edge to Enterprise Test Analysis Suite (CHEETAS) and the Joint Mission Environment Testing Capability (JMETC).
• Experience working with Test and Training Range instrumentation and environment.
• Experience working with major DoD Acquisition programs such as Joint Strike Fighter (JSF) or Missile Defense Agency (MDA)
• Experience with Source Control Pipelines (Jenkins, etc...)
• Excellent written and verbal communications skills are desired, as the Software Developer will be in frequent contact with both a project technical lead, and be taking direction from various government leads.
• Experience with Linux/Unix and Windows environments.
• Solid understanding of software architecture, APIs, and microservices
• Experience writing clean, testable, maintainable code
• Familiarity with unit, integration, and security testing practices (emphasis on the STIG and/or ATO process)
• Infrastructure automation using Terraform or Ansible

Responsibilities

• Performing cyber CSXSAST scanning
• Determining vulnerabilities of import packages
• Provide evaluation of vulnerabilities to Cyber Security upon request
• Determining CVEs if they exist for software packages
• Work closely with other engineers to develop the best technical design and approach for new product development.

Benefits

• KBR is an equal opportunity employer.
• All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.