Dogwood Management Partners, LLC


 

FORTIFY SECURITY SOFTWARE DEVELOPER

Reston, VA


   Dogwood Management Partners, an SDVOSB, is seeking a Fortify Software Developer for an opening we have under a federal agency program in Reston, VA. The position requires interaction with the client and team located in Reston and therefore cannot be performed on a remote basis. There may be some light travel involved. The selected candidate will take a lead in improving quality of software design and implementation from security perspective. This position would require interfacing with various stakeholders like developers, security testers, clients, ISSO to advise on secure development practices, vulnerability remediation approach and assessment of false positive vulnerability. This is a full time position which can be set up on a salary plus benefits basis or corp to corp direct to the selected candidate basis. NO THIRD PARTIES PLEASE. US CITIZENSHIP IS REQUIRED. Required Clearance Level: Secret Clearance preferred, but all candidates must be at least clearable with the ability to successfully complete a US government background investigation and be cleared at the Public Trust level. Future work may require an upgrade to Secret.

RESPONSIBILITIES

• Perform code review to improve software security
• Consult and facilitate discussion across various Task Order teams on secure coding practices
• Work with developers to accurately assess description of false positive vulnerability
• Advise Task Order teams and application ISSO on Remediation Plan assessment and implementation approach
• As appropriate, maintain secure development standards, policies, procedures and provide training to developers and testers

REQUIREMENTS

• Software development experience in Java and relevant web application frameworks like Struts, Spring MVC. Knowledge in Javascript and .NET is a plus
• Experience with code analysis tools such as HP Fortify.
• Proven communication skills with both internal development team members and external FEMA business stakeholders.
• Expert knowledge on OWASP Top 10 vulnerabilities remediation approach

PREFERENCES

• Technical background doing security testing
• Knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols

  Due to the clearance requirements, no third party consultants or visa candidates can be considered. Dogwood has been providing cyber security and related IT services to federal agencies since 2001 and we owe our success to the quality of individuals we have been fortunate enough to hire and retain to perform to the standards set forth by leadership within the federal government. If you feel you meet the above requirements and would like to be considered please reply to jbowler@dogwood.net with an updated resume. Use “#1580, Fortify Developer” in the subject line. A simple cover letter or a few bullet points stating the years of experience in the above mentioned skill areas will lead to a quicker response and consideration.


All resumes we receive, will be held in the strictest confidence.  We never share your resume with anyone without discussing it with you first.  Our ethics statement.

Dogwood Partners, Dogwood Services & Dogwood Technologies are equal opportunity employers. Minorities, disabled persons, veterans and disabled veterans are especially encouraged to apply.