View all jobs

SECURE SOFTWARE ENGINEER (TS/SCI CLEARANCE REQUIRED)

Chantilly, VA

NorthHill Technology Resources has a need for a Secure Software Engineer to support a critical Federal Program in Chantilly, VA.  This is a direct-hire role with our client, a highly respected Federal Integrator.  Due to the nature of the work, US Citizenship and an active TS/SCI Clearance is required.

Secure Software Engineer

Project Overview

We are developing an Independent Verification and Validation (IV&V) program that will design, develop, and implement a scalable, repeatable, automated, and enterprise-wide framework for evaluating the quality, accuracy, and mission utility of GEOINT products. The framework will support imagery, geospatial data, 3D GEOINT, mapping products, and future GEOINT data types by providing standardized methodologies for automated testing, metric generation, data storage, visualization, and reporting.
The successful candidate will be part of a team to support the design, development, integration, testing, deployment, and sustainment of the enterprise IV&V platform while collaborating with Government stakeholders to evaluate existing GEOINT IV&V capabilities, implement automated verification processes, and deliver secure, scalable software solutions.
Role Overview
The Secure Software Engineer will design, develop, integrate, and maintain an enterprise Independent Verification and Validation (IV&V) application supporting automated evaluation of GEOINT products, including imagery, geospatial data, mapping products, and 3D GEOINT datasets. The engineer will develop secure, scalable software solutions that automate GEOINT quality assessment, metric generation, visualization, reporting, and data management while ensuring cybersecurity is integrated throughout the software development lifecycle.
Working closely with Cloud & DevOps Engineers, system engineers, data scientists, and Government stakeholders, the Secure Software Engineer will implement application services, user interfaces, APIs, automated testing capabilities, and data processing workflows while incorporating secure coding practices, vulnerability remediation, and cybersecurity engineering principles. The engineer will support the development of a trusted enterprise IV&V platform that meets security requirements while providing reliable, repeatable, and automated GEOINT evaluation capabilities.
Responsibilities

  • Design, develop, test, and maintain software applications supporting the enterprise GEOINT IV&V framework.
  • Develop secure application services, RESTful APIs, user interface components, and backend services supporting automated GEOINT evaluation workflows.
  • Implement software that automates GEOINT metric generation, data validation, quality assessment, reporting, and visualization.
  • Develop software components supporting ingestion, processing, storage, and retrieval of imagery, geospatial data, mapping products, and other GEOINT data sources.
  • Apply secure software development practices throughout the software development lifecycle, including threat-informed design, secure coding, and automated security testing.
  • Identify, analyze, and remediate software vulnerabilities identified through static analysis, dynamic testing, dependency scanning, and penetration testing activities.
  • Integrate authentication, authorization, encryption, audit logging, and other security controls into enterprise applications.
  • Collaborate with Cloud & DevOps Engineers to support containerized deployments, CI/CD pipelines, and DevSecOps automation.
  • Develop automated unit tests, integration tests, regression tests, and validation frameworks supporting repeatable software quality assurance.
  • Support software integration, system testing, defect resolution, and operational transition activities.
  • Participate in system architecture reviews, software design reviews, code reviews, and technical interchange meetings.
  • Prepare technical documentation including software design descriptions, interface documentation, security documentation, and user guides.
  • Support Risk Management Framework (RMF), Authority to Operate (ATO), and cybersecurity assessment activities through development of secure software artifacts and remediation of identified findings.
  • Participate in Agile software development activities including sprint planning, backlog refinement, demonstrations, and retrospectives.
Required Qualifications
  • Bachelor's degree in Computer Science, Software Engineering, Computer Engineering, Cybersecurity, or a related technical discipline and 9 years of relevant experience, or a Master's degree in a related field and 7 years of relevant experience.
  • Experience designing, developing, testing, and maintaining enterprise software applications using modern object-oriented programming languages such as Python, Java, C#, C++, or Go.
  • Experience developing web applications, RESTful APIs, backend services, and user interface components.
  • Experience implementing secure software development practices, secure coding standards, and application security principles.
  • Experience developing software using modern software engineering methodologies including Agile development, version control, and continuous integration.
  • Experience integrating software with relational and/or NoSQL databases.
  • Experience developing automated testing, software verification, and quality assurance frameworks.
  • Experience with Git, GitLab, GitHub, or similar source code management platforms.
  • Experience collaborating within DevSecOps environments utilizing automated build, testing, and deployment pipelines.
  • Knowledge of cybersecurity principles including authentication, authorization, encryption, vulnerability management, logging, and auditing.
  • Experience supporting software vulnerability remediation and security assessment activities.
  • Strong analytical, troubleshooting, and problem-solving skills.
  • Strong written and verbal communication skills with the ability to prepare technical documentation and communicate effectively with Government stakeholders.
Desired Qualifications
  • NGA domain experience with development or deployment into CORE and/or RLE.  (CORE highly preferred).
  • Experience developing applications supporting imagery exploitation, geospatial analytics, mapping, remote sensing, or other GEOINT mission areas.
  • Experience developing cloud-native applications deployed within Kubernetes, OpenShift, or AWS environments.
  • Experience supporting Risk Management Framework (RMF), ICD 503, NIST SP 800-53, Authority to Operate (ATO), or Authority to Develop (ATD) processes.
  • Experience developing automated verification, validation, or test frameworks supporting scientific, engineering, or geospatial applications.
  • Security certifications such as Security+, CSSLP, CISSP, or cloud security certifications.