Defense Human Resource Agency's mission is to provide program support, information management, and administrative services to the DoD Components on human resource matters and to collect, archive, and provide management information, research, and analysis of human resources and other related functional area databases for the DoD.Learn more about this agency
This position is being posted under OPM's Direct Hire authority for Information Security positions: For more information please see: https://www.opm.gov/policy-data-oversight/hiring-information/direct-hire-authority/#url=Governmentwide-Authority
As an IT Specialist (INFOSEC) at the GS-2210-9/11/12 some of your typical work assignments may include:
- Identify current and emerging technology issues including security trends, vulnerabilities, and threats.
- Implement new security solutions to better protect the organization.
- Conduct proactive research to analyze security weaknesses and recommend appropriate remediation strategies.
- Integrate secure coding practices in current CI/CD environment, perform secure coding practices, assist developers to mitigate business critical vulnerabilities and attach vectors in web applications.
- Work independently with developers, product owners, and other colleagues to ensure secure design, development, and implementation of our applications.
- Evangelize secure code development practices in the organization.
- Recognize application vulnerabilities and exploit them.
- Perform dynamic and static analysis techniques, fuzzing, and secure code practices.
- Work with common security tools.
- Perform vulnerability assessment and penetration testing and propose remediation approaches to business heads.
- Secure different on-premise and/or cloud applications by using best security practices.
- Perform application development in JAVA, .NET, C++, C#, R, COBOL, PHP, Python, Cold Fusion, PL/SQL, and other program languages.
- Perform static and dynamic security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication or authorization, and OWASP top 10 issues.
- Review code developed in leading modern programing languages and technologies.
Occasional travel - You may be expected to travel for this position.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/600360100. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.