SUMMARY:

The Secure Software Engineer supports the organization’s Enduring Compliance Paradigm Roadmap by developing software compliance artifacts, assessing baselines, and ensuring adherence to Air Force Life Cycle Management Center (AFLCMC) cybersecurity requirements. This role focuses on secure software development and remediation, contributing to the organization’s cybersecurity compliance.

QUALIFICATIONS: =

• Minimum 5 years of experience in secure software development, STIG application to software, and software development methodologies.
• Expertise in Java or J2EE development, Fortify security scan software, CodeSonar security scan software, DISA Application Security and Development STIG
• IAT Level II or IASAE Level II certification per DoD standards.
• U.S. citizenship and minimum Secret security clearance.
• Completion of annual training: Cyber Awareness, Security Administration, Derivative, Unauthorized Disclosure, Anti-terrorist, OPSEC, safety.

DESIRED SKILLS:

• Certifications: Oracle Certified Professional, Java SE.
• Experience with additional security tools (e.g., Checkmarx, SonarQube).
• Familiarity with Agile or DevSecOps methodologies.
• Strong analytical skills for software vulnerability remediation.

• Develop artifacts for STIG and AFLCMC compliance.
• Engage software sustainers to assess baselines against STIG checklists.
• Document responses and produce baseline reports.
• Provide analysis and guidance for non-compliant checklist items.
• Contribute to the Enduring Compliance Paradigm Roadmap.
• Produce technical reports and deliverables.