Apply on Employer Site

LaunchTech · 15 hours ago

Junior Software Engineer

Colorado Springs, CO

Full-time

Onsite

New Grad, Entry Level

0+ years exp

LaunchTech is seeking a Junior Software Engineer to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. This role focuses on software security auditing, vulnerability identification, and secure development practices supporting mission-critical systems.

CRMInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Learn to perform software security audits identifying risks associated with software and provide comprehensive security assessments for the MDA IC ISSM

Identify known vulnerabilities published in the NIST National Vulnerability Database (NVD)

Discover and compile software dependencies and bills of materials for applications under review

Use a variety of tools to identify vulnerabilities within software applications

Use programming, scripting, and query languages to correlate industry best practices for secure software development

Identify common security issues such as input validation, error and exception handling, logging, access controls, SQL injection, and cross-site scripting (XSS), and articulate mitigation strategies

Correlate DISA Security Technical Implementation Guide (STIG) vulnerabilities and other policies with discovered findings and document them for broad consumption

Monitor and manage a queue of software security audit requests

Assist in developing reporting metrics for team activities

Interact with requesters to understand use cases, application architecture, and risk mitigation strategies

Qualification

Software security auditingVulnerability identificationSecure development practicesIAT Level II certificationProgramming languagesDatabase familiarityManual code reviewsMicrosoft Development certificationsMDA programsCommunication skills

Required

Must have 6, or more, months of IT-related experience

Must be conceptually familiar with databases

Must be familiar with at least one programming or scripting language and understand the difference between compiled and interpreted languages

Must be able to maintain a restricted badge and work on site 4+ days per week

Must have a current IAT Level II certification (Security+ CE) or be able to obtain within 6 months of hire

Must have, or obtain, an active DoD Secret Security Clearance

Preferred

Ability to perform manual code reviews to filter false positives from automated tools

Familiarity with secure programming theory, common software and database vulnerabilities, and remediation processes

Experience with one or more of the following languages or technologies: .NET, VB, Java, C, C++, JavaScript, Python, PowerShell, TFS, JIRA, Git, IIS, Tomcat, Docker, Kubernetes, SQL Server, Oracle Database, Angular, MVC, HTML, ASP, Bash, Perl

Proficiency using Fortify Source Code Analyzer (SCA)

Strong written, verbal, and interpersonal communication skills

Microsoft Development certifications (Azure, Foundations, etc.)

Familiarity with the MDA and BMDS programs