Software Assurance Engineer

AGE Solutions is looking for a Software Assurance Engineer to join our team in support of an upcoming cybersecurity risk management and assessment program with our DoD customer.

In this role, you will be part of the Software Assurance (SwA) team, responsible for providing the level of confidence that software functions as intended and is free of vulnerabilities, either intentionally or unintentionally designed or inserted as part of the software, throughout the software development life cycle.

Individuals in this role must be available to work on-site at the Chambersburg customer office for the majority of the workweek.

Responsibilities Include:

• Develop and maintain a SwA SOP outlining software discovery and diagnostic processes throughout the SDLC.
• Generate Initial and Final SwARM Assessment Reports annually per the A&A schedule.
• Document customer requirements and produce a Software Assurance Plan (SwAP) within three business days, including system details, testing scope, timelines, and security maturity assessment.
• Complete SwA Assessments within five business days for public-facing and internal web applications based on the SwARM schedule.
• Conduct static and dynamic code analysis, spidering, software penetration testing, and database vulnerability assessments.
• Perform web service, mobile application, and reverse engineering testing, generating a SwA Technical Report for each assessment.
• Validate that SwA controls are implemented in RMF packages within eMASS.
• Use the Common Weakness Scoring System (CWSS) to score software vulnerabilities.
• Provide rapid assessment capabilities at the Government's request, generating Rapid Assessment Reports (RARs).
• Validate remediation efforts, upload Final SwARM Assessment Reports into eMASS and TLR, and track unresolved issues for POA&M development.
• Ensure Final Reports highlight critical security risks, threats, and failures, recommending mitigation actions.
• Conduct in-depth assessments as needed and generate In-Depth Assessment Reports.

Requirements:

• Bachelor's degree (IT-related field preferred)
• Five (5) years of Software Assurance (SwA), application security, vulnerability assessment, or penetration testing
• Have an active DoD Top Secret clearance with SCI eligibility
• DoD 8570 IAM/IA Technical (IAT) Level II certification
• Proficiency in static and dynamic code analysis, penetration testing, database vulnerability assessments, and software security reviews
• Demonstrable experience with software security testing tools such as Burp Suite, Checkmarx, Qmulos, ACAS, and Axonius
• Knowledge of Common Weakness Scoring System (CWSS) for vulnerability assessment
• Demonstrable experience with reverse engineering, fuzzing, and spidering for security evaluations
• Strong analytical, problem-solving, and communication skills
• Detail-oriented with excellent documentation and reporting abilities

Compensation: $115,000 - $124,000