Description:
C. Mack Solutions is looking for a senior software developer/architect with a passion for government technology solutions to lead the implementation of security solutions across all layers of our infrastructure, though primarily in the application layer, and in the interactions between systems. The ideal candidate will relish the opportunity to tackle hard problems and find solutions within the environmental constraints that exist. They will also be able to serve as a technical lead, working independently and in coordination with other team members to communicate complex technical concepts and guide cross-functional teams through the development lifecycle. This is a great opportunity to work on mission-critical systems that bring clear value to our customers and end users on a daily basis.

PREFERRED SKILLS AND EXPERIENCE:

• Skilled in using ethical hacking tools and techniques to identify and address security vulnerabilities
• Holds relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or AWS Certified Security – Specialty
• Experienced in contributing to large-scale initiatives involving multiple development and operations teams
• Familiar with working on federal government projects, including navigating compliance and regulatory requirements

• Engineer and deploy comprehensive security measures throughout the software lifecycle, from development to production, ensuring adherence to secure coding standards and safeguarding data
• Establish and maintain security architecture and policies specifically designed for AWS-based microservices environments
• Scale security solutions across diverse development teams and applications with varying architectural designs
• Analyze code scan outputs from tools like Anchore, WebInspect, and DBProtect, and collaborate with compliance teams to fine-tune and enhance scanning effectiveness
• Champion early-stage security integration by building and embedding tools that enforce security checkpoints within CI/CD workflows
• Integrate security checks into source control and pipelines to deliver prompt feedback and uncover insecure coding patterns early in the development process
• Perform vulnerability scans and penetration tests to detect and address security weaknesses proactively
• Apply ethical hacking techniques to uncover and remediate security flaws in both applications and infrastructure
• Promote secure development practices in Java, Python, and Angular by offering internal training and hands-on support for secure coding, deployment, and operations
• Deploy real-time security monitoring and alerting systems to swiftly identify and respond to potential threats
  Requirements: