Shire Jobs

Mobile Shire Logo

Job Information

SAIC Source Code Security Analyst in FAIRMONT, West Virginia

Description

Description

The Source Code Security Analyst will be responsible for the evaluation of networks and systems to identify vulnerabilities with the goal of helping an organization improve its security posture. This is a highly technical hands-on role that will utilize the knowledge of common ports, protocols and services (PPS), knowledge of system administration, operating systems and creativity skills. It is an opportunity for a team player to enhance a world-class team and learn new skills.

Requirements

  • Do vulnerability and compliance assessments as a member of a technical team

  • Conduct desktop/web/network applications source code analysis to find with high confidence vulnerabilities such as buffer overflows, SQL Injection Flaws, and so forth

  • Able to identify difficult to find vulnerabilities such as authentication problems, access control issues, insecure use of cryptography, etc. via source code review

  • Understand and perform static code analysis on widely-used languages for desktop and web applications including: C/C++ (Windows, RedHat Linux, Solaris), Java (Java SE, Java EE, JSP), .NET (C#, ASP.NET, VB.NET), Python, PHP, Ruby on Rails, ColdFusion, JavaScript (including AngularJS, Node.js, and jQuery) and others

  • Configure, execute, validate and contextualize the output of static code analysis tools like HP Fortify, CodeDX, and others

  • Validate high number of false positive findings

  • Build working applications from customer/site provided source code to support static/dynamic testing

  • Work extensively from the Windows and UNIX/Linux command line (e.g. Bash, PowerShell, etc.)

  • Research and formulate recommendations for vulnerabilities

  • Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.

  • Be able to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws

  • Develop proof-of-concept examples and scenarios for reports and live demonstrations

  • Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and team members

Qualifications

TYPICAL EDUCATION AND EXPERIENCE:

Bachelors degree and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD and four (4) years or more experience.

REQNUMBER: 2018280

SAIC is a premier technology integrator, solving our nation’s most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability

DirectEmployers