Job Description
COLSA is seeking to hire a lead architect and administrator on a team to support our Enterprise IT Support Services work at the Army Aviation and Missile Center (AvMC) at Redstone Arsenal in Huntsville Alabama. As the Fortify architect and administrator, you will be responsible for maintaining the current AvMC Fortify architecture within the Center’s SecDevOps environment and advancing its implementation. You will collaborate with stakeholders including software developers, government and contractor cybersecurity professionals, and other AvMC system administrators to ensure a seamless integration of Fortify applications and its contributions to the software Continuous Development/Continuous Integration Lifecycle.
AvMC is the U.S. Army’s focal point for providing research, development and engineering technology and services for aviation and missile platforms across the weapons systems life cycle. AvMC’s mission is to “deliver collaborative and innovative aviation and missile capabilities for responsive and cost-effective research, development, and life cycle engineering solutions” to equip the Warfighter with the best technology today and tomorrow.
Principal Duties and Responsibilities (*Essential functions)
- Implement, manage, and sustain software security risk measures across the AvMC Enterprise leveraging DoD approved risk management software to include the Fortify software portfolio to include Software Security Center (SSC) and WebInspect.
- Provide continued maintenance, development, and support for the software code analysis environment, tool sets, and code simulators that support various application development efforts across the AvMC Enterprise.
- Integrate Fortify, and any complimentary Government-approved tools, into existing and established enterprise integrated development environments and continuous integration/continuous development (CI/CD) DevSecOps pipelines.
- Collaborate with development teams to triage and fix vulnerabilities identified as a result of static and dynamic code analysis support.
- Ensure all developed applications meet RMF and Cybersecurity compliance goals.
- Stay updated with the latest Fortify technologies, features, and best practices to recommend system enhancements. Improvements can consist of solutions from other security vendors.
- Provide training and technical support to end-users on Fortify functionalities and features.
- May provide leadership to others on the team.
- May provide technical consultation to other departments.
- May evaluate internal or external vendor capabilities to provide required products or services.
At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits
Required Experience
Required Qualifications
- Bachelor’s degree in a related field.
- Ten (10) years of prior experience in a similar role.
- Active CompTIA Security+ CE certification to meet DoD 8570 Level II/III certification requirements.
- Extensive experience using, maintaining, and integrating Fortify into a software development lifecycle framework.
- Experienced in designing and implementing software application security solutions using Fortify.
- Proficiency in containerization technologies such as Docker and Kubernetes.
- Strong verbal and written communication skills.
- U.S. Citizenship required; must be able to obtain a DoD Secret clearance.
Preferred Qualifications
- Active DoD clearance at the level of Secret or better.
- Experience with DISA Security Technical Implementation Guides (STIGs) for applications.
- Experience working in a Department of Defense or supporting organization environment.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
#crit