Principal Duties and Responsibilities (*Essential functions)

• Conduct static code analysis and dynamic code analysis services leveraging DoD approved vulnerability scanning software to include, but not limited to, Fortify SCA and Fortify WebInspect

• Secure web systems by performing software testing, verification, and analysis for software developed on this effort

• Provide continued maintenance, development, and support for the software code analysis environment, tool sets, and code simulators that support various application development efforts across the AvMC Enterprise

• Perform code and script development and unit testing in accordance with DoD/DA/AvMC internal software development processes for all products developed and deployed on AvMC networks

• Ensure code is documented and developed in accordance with DoD/DA/AvMC coding standards and DISA Security Technical Implementation Guides (STIG) requirements

• Implement, manage, and sustain software security risk measures across the AvMC Enterprise leveraging DoD approved risk management software to include, but not limited to, Fortify Software Security Center (SSC)

• Provide visibility into vulnerability status by application

• Integrate Fortify, and any complimentary Government-approved tools, into existing and established enterprise integrated development environments and continuous integration/continuous development (CI/CD) DevSecOps pipelines

• Collaborate with development teams to triage and fix vulnerabilities identified as a result of static and dynamic code analysis support

• Ensure all developed applications meet RMF and Cybersecurity compliance goals

• Facilitate bug tracking by integrating Fortify SSC with existing JIRA bug and issue tracking capabilities and/or other Government-approved software

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here. 

 #crit2

• Bachelors’ degree or higher in related field or equivalent
• Minimum of 8 years of related experience
• Must obtain Security+CE within 6 months of hire
• U.S. Citizenship required; must be able to obtain/maintain a DoD security clearance
• Working knowledge of Windows or Linux operating systems and programming or scripting languages'
• Ability to work onsite a minimum of three days a week

Preferred Qualifications

• Security+CE certification
• Active DoD security clearance

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.