Logo
VMD Corp

Software Security Developer

VMD Corp, Washington, District of Columbia, 20022


Description As a Vision, Mission, and Driven company, VMD has been delivering information technology solutions to the Federal government in Agile Engineering, Cybersecurity, and Critical Infrastructure Protection since 2002. Our mission has now expanded, and we have merged with Xcelerate Solutions to revolutionize end-to-end enterprise security. Together we are committed to protecting our nation's citizens, critical infrastructure, and resources. Why Join VMD Corp? At VMD, now a part of Xcelerate Solutions, you have the opportunity to thrive in your career and become a Game Changer. The quality and talent of our people is what drives our success. We embrace an employee-first culture and make it a priority to provide professional development opportunities that foster career growth. We help protect American Citizens and the nation's most critical infrastructure by working alongside our customers and delivering game changing solutions to strengthen their missions. We believe our passion and commitment to achieve our customers' goals and solve their most critical challenges defines who we are. We don't just dream big, we act on it - through teamwork, dedication, and resilience. Learn more about VMD culture here: VMD Culture About the Mission You Will Join: VMD is rapidly growing IT services company focused on tackling some of the big challenges in Immigration, Travel, and Critical Infrastructure Protection. We are looking for dynamic individuals to act as "Game Changers" in driving operational efficiency to our customers. In this role, you will be supporting the Department of Homeland Security mission, specifically working to enhance the immigration experience through IT modernization and innovative digital strategies. Your Impact to the Mission: The Software Security Developer has the overall responsibility to developing software applications, services, and systems (e.g., user-facing and back-end services). Manage source code using industry version control best practices. Research new techniques and technologies to stay current in software development methodologies and tools. Utilize code validation tools to ensure that source code is valid, is properly structured, meets industry standards, is secure, and is compatible with browsers, devices, or operating systems. Collaborate with stakeholders to define needs and/or specifications and develop proposed solutions. Test and integrate developed software applicants into the operational baseline. Perform test driven development utilizing strong unit testing techniques to include test cases mimicking external interfaces and addressing all browser and device types. Modify or enhance existing software to correct errors, to adapt it to new hardware, or to upgrade interfaces and improve performance. Create technical models, architectural artifacts, and/or prototypes that include physical, interface, logical, or data models (e.g., model view controller (MVC) programming practices). Share actionable/valuable information with colleagues and leadership and engage with community as resident expert. Prepare reports and consult with customers or other stakeholders to advise on technical issues, provide operational support, respond to questions, and offer status updates. Develop DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC). Experience Needed to Be Successful: Experience with DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation. Experience in cloud computing including concepts, capabilities, and applications as they relate to storage, processing, and dissemination and overall security. Demonstrated experience working with multi-disciplinary teams to fulfill stakeholder requirements. Professional experience using a programming language such as Java, Python, JavaScript, or equivalent to build and design complex software applications. Professional experience designing, developing, testing, and deploying software to include full stack web-based applications using industry standard DevOps tools. Experience in applying agile development methodologies to develop software. Experience building web application programming interfaces (API) using standards established in NIST SP 800-204. Demonstrated experience with the complete software development lifecycle (SDLC). Experience applying software security techniques, controls, and best practices to engineer software to mitigate vulnerabilities, risk against malicious attacks, and ensure continued operations. Demonstrated expertise in developing and managing IT or software governance policy (e.g. software development standards, best practices in building and maintaining software). Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series. Basic Qualifiers: Education Requirement: Bachelor's degree in science, technology, engineering, and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; or seven (7) years with a Masters; or four (4) years with a PhD. Can Additional Years of Experience Substitute for Degree? Yes Required Certification(s): Certified Application Security Engineer (CASE) Certification or Certified Secure Software Lifecycle Professional (CSSLP) Certification; and Certified Ethical Hacker (CEH) Certification or Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP); and AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional. Minimum Years of Overall Experience: 5 Minimum Years of Specific Experience in Field: 4 Minimum Clearance to Start: Public Trust Work Status Allowable: US Citizen The Type of Person That Will Excel: You are curious, inquisitive, and have demonstrated a constant eagerness to learn through actions. You have high attention to detail. You demonstrate personal accountability and integrity in all actions. Travel and Telecommuting: Travel: None Telecommute Options: Hybrid. Occasional trips to client site for meetings. Candidate needs to be located in the DC metro area. VMD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable Federal, state and local laws. VMD maintains a drug-free workplace.