IT Security Specialist (Applications)

Website ERT

ERT is a trusted partner to the government, providing scientific

IT Security Specialist (Applications) – Asheville, NC

Position Description
Will be responsible for developing and managing Information System and Application security including disaster recovery, data protection, and software development. Will analyze information security systems and applications, provide recommendations, and develop security measures to protect information against unauthorized modification or loss. The work includes a variety of complicated tasks and a wide degree of creativity and latitude is expected. Specific duties include:

* Securing software design and development concepts.
* Reviewing software code (Java, Python, PHP JavaScript) for compliance.
* Evaluating and advising on the security disposition of Commercial off the shelf (COTS) products, as well as other 3rd party provided libraries and extensions.
* Validating source code builds and build mechanisms into the application and installation deployment procedures.
* Developing and executing IT Security Training regarding secure code development practices.
* Preparing for the eventual extension of these principles for the deployment of containers in a secured environment.

Required Skills
6 – 8 years of experience with IT security as applied to software design and development concepts. Must have experience with software code compliance; security disposition of COTS products and other 3rd party libraries and extensions; and validating source code builds and build mechanisms. Requires experience deploying containers in a secured environment and developing and executing secure code development practices training. Must have good written and verbal communication skills.

Experience in the following areas would be desirable:

* Application security: static code analysis, dynamic application scanning and penetration testing.
* Training and advising developers in secure coding practices.
* Providing expertise and guidance to system administrators, system engineers, facility management, system owner, and upper-level management.
* Participating in annual auditing and accreditation cycle.
* Performing Security Assessments and authoring Security Impact Analysis Reports.
* Maintaining FISMA System Security Plan documentation & compliance in accordance with NIST Special Publications and Federal Information Processing Standards (FIPS).
* Continuous monitoring, vulnerability management and network security monitoring.

Certifications in Information Systems and Security such as A+, Security+, CISSP, CEH, etc. may be considered as qualifying factors.

Must be a US Citizen or Permanent Resident and be able to pass a background investigation to obtain a security badge to enter the applicable government facility.

BS in computer science, related discipline, or equivalent work experience.

Submit resume to ERT’s Career Opportunities Web Page at:

Earth Resources Technology, Inc. (ERT)
ERT is a VEVRAA Federal Contractor and Equal Opportunity/Affirmative Action employer – All qualified applicants will be considered for employment without regard to race, color, religion, sex, national origin, disability, or protected Veteran status.