This site uses cookies. To find out more, see our Cookies Policy

Application Security and Development Compliance Reviewer in Chambersburg, PA at Booz Allen Hamilton Inc.

Date Posted: 5/15/2019

Job Snapshot

Job Description

Job Number: R0047900

Application Security and Development Compliance Reviewer

Key Role:
Conduct assessment and accreditation (A&A) reviews of various government and commercial-off-the-shelf (COTS) software, including Symantec Netbackup, Switchexpert, and Splunk applications on operational DoD information systems (ISes). Assess multiple areas of application security, including encryption, coding standards, logging and auditing, and public key infrastructure (PKI) compliance. Work as part of a dynamic technical travel team to assess the security posture of applications and development processes in CONUS and OCONUS locations. Oversee junior reviewers and assist with the completion of on-the-job training and check ride checklists to certify junior staff. Prepare briefing slides and summary of findings analysis for trip out briefs and interact with clients to perform technical audits. Communicate information on technical vulnerabilities to government client leadership. This position requires regular travel of up to 85% of the time to various military installations in and outside of the US on a regular basis with expenses covered under per diem in accordance with the JTR when outside of base location. This position may be located in Fort Meade, MD or Chambersburg, PA.

Basic Qualifications:

-2+ years of experience with the systems development life cycle (SDLC), application development life cycle, application life cycle management (ALM), and SDLC and ALM tools, including team foundation server, JIRA, and Enterprise Architect

-2+ years of experience with assessing Web application systems and SQL and Oracle databases

-2+ years of experience working with application vulnerability scanning tools, fuzz testers, and analyzing scan results

-Knowledge of Software Configuration Management (SCM or S/W CM), revision control, and establishment of software baselines

-Knowledge of application development frameworks, including PHP, .NET, and ASP

-Knowledge of Open Web Application Security Project (OWASP)

-Top Secret clearance

-HS diploma or GED

Additional Qualifications:

-TS/SCI clearance preferred

-BS degree in CS, Management Systems, or a related technical field preferred

-8570 IAT III Certification required

-CCRI Certification, including applicable walk through training courses, onsite shadowing, and checkride of CCRI Certification for Network Vulnerability Assessments and Security Scanning

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.