AvMC EITSS Fortify Administrator (Journeyman)
Location of Position
Level of Clearance Required
COLSA is honored to be
named one of the '2022 Best Midsize Employers' by Forbes. This honor is a
reflection of our collaborative, employee-centric culture. People are
COLSA's greatest asset and are instrumental in serving our clients with
innovative programs and industry-leading technology.
Principal Duties and Responsibilities (*Essential functions)
• Conduct static code analysis and dynamic code analysis services leveraging DoD approved vulnerability scanning software to include, but not limited to, Fortify SCA and Fortify WebInspect
• Secure web systems by performing software testing, verification, and analysis for software developed on this effort
• Provide continued maintenance, development, and support for the software code analysis environment, tool sets, and code simulators that support various application development efforts across the AvMC Enterprise
• Perform code and script development and unit testing in accordance with DoD/DA/AvMC internal software development processes for all products developed and deployed on AvMC networks
• Ensure code is documented and developed in accordance with DoD/DA/AvMC coding standards and DISA Security Technical Implementation Guides (STIG) requirements
• Implement, manage, and sustain software security risk measures across the AvMC Enterprise leveraging DoD approved risk management software to include, but not limited to, Fortify Software Security Center (SSC)
• Provide visibility into vulnerability status by application
• Integrate Fortify, and any complimentary Government-approved tools, into existing and established enterprise integrated development environments and continuous integration/continuous development (CI/CD) DevSecOps pipelines
• Collaborate with development teams to triage and fix vulnerabilities identified as a result of static and dynamic code analysis support
• Ensure all developed applications meet RMF and Cybersecurity compliance goals
• Facilitate bug tracking by integrating Fortify SSC with existing JIRA bug and issue tracking capabilities and/or other Government-approved software
At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here.
- Bachelors’ degree or higher in related field or equivalent
- Minimum of 8 years of related experience
- Must obtain Security+CE within 6 months of hire
- U.S. Citizenship required; must be able to obtain/maintain a DoD security clearance
- Working knowledge of Windows or Linux operating systems and programming or scripting languages'
- Ability to work onsite a minimum of three days a week
- Security+CE certification
- Active DoD security clearance
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
COLSA is a covered Federal
contractor subject to the federal mandate requirements for the COVID 19
vaccine. Currently, there is a temporary injunction against the
Government enjoining the vaccine mandate; however, it may become a condition of
employment in the future if the injunction is lifted.
Information on Benefits: https://www.colsa.com/culture_benefits