• Mobile ISSE

    Job Locations US-LA-New Orleans
    ID
    2019-1018
    Category
    Cyber Security
    Type
    Regular Full-Time
  • Responsibilities

    • Ensure compliance with functional and cybersecurity standards, policies, and doctrine for mobile applications (mobile app)

    • Support the Mobility Program to deliver lightweight and secure mobile applications to their end users within months of initial conception without compromising the appropriate quality control and security checks inherent in the current process

    • Provide Cyber Security guidance and documentation throughout the mobile app software development life-cycle (i.e. design, development and testing)

    • Ensure the completion of mobile app cyber related programs, projects, or tasks within estimated timeframes and budget constraints

    • Provide ISSE support functions as stated in the RMF Process guide and Navy Testing Guidance. Performs all required and approved ISSE RMF process steps as defined in the RMF Process Guide v2.0 as it relates to mobile apps

    • Oversee the development and maintenance of a mobile app's cybersecurity solutions

    • Utilize forensics, hacking, and pen testing techniques to assess mobile application security

    • Perform source code inspections for security flaws and data exposure

    • Utilize forensics, hacking, and pen testing techniques to assess mobile application security

    • Document and report mobile app vulnerabilities; track remediation efforts

    • Understand and document the security and vulnerability details related to mobile apps, devices, operating systems, and web services

    • Be familiar with industry security and regulatory compliance standards as they relate to mobility, such as NIST, NIAP, OWASP, CWE, CVSS, including Risk Management Framework (RMF)

    • Perform examination of transmitted and stored data for personally identifiable information (PII) and/or mobile application artifacts

    • Understand, document and present findings on the data risk profile of applications when in actual use

    • Communicate security requirements and assessment results to both program management and developers

    • Identify key strategies for remediation of vulnerabilities

    • Create technically sound and actionable reports and remediation plans

    • Continuously monitor the state of the mobile security industry

    • Work in an agile and expedited project structure

    Qualifications

    • Minimum SECRET clearance

    • 5+ years of experience in cyber security

    • BS Degree in Cyber Security/Engineering field (e.g. Computer, Electrical, Mechanical, Systems, Security) or equivalent experience

    • Applicable Certifications include: CISSP, OSCP, CHFI, CEH, GPEN, GWAPT

    • Must demonstrate a strong fundamental understanding of security

    • Experience in Threat Modeling and security requirements development

    • Experience with Linux; command line, configuration, and scripting

    • Experience with C#, Objective-C, Swift, Java, JavaScript

    • Firm understanding of sensitive data types and cybersecurity protections associated with that data (e.g. PII, PHI, etc.)

    • Possess knowledge of current security threats, techniques, and landscape (threat vectors)

    • Proficiency in Microsoft Office applications, particularly Visio, Word, Excel and PowerPoint

    • Ability to think independently with minimal oversight, as well as demonstrate exceptional written and oral communications skills with a high level of professionalism

    • Ability to work independently and with remote teams

     

    Preferred Skills:

    • Experience with Fortify SCA or other static code analyzers

    • Experience with reverse engineering mobile apps

    • Experience with DevSecOps

    • Experience with Navy RMF

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed