The Cyber Capability Developer, Senior will lead and support critical IT cybersecurity efforts for the Criminal Justice Information Services (CJIS) Division. This role requires the execution of advanced vulnerability assessments, risk analysis, secure coding practices review, and technical guidance for federal information systems in accordance with our client and federal policies. The analyst will leverage a broad set of tools and methodologies to ensure systems' confidentiality, integrity, and availability while fostering collaboration with CJIS stakeholders and contributing to safeguarding national interests.

This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse.

• Conduct risk and vulnerability assessments, security functional testing, and penetration testing.
• Handle monitoring and review of security logs, system logs, and audit logs using tools such as Splunk, performing Threat Hunting as necessary.
• Coordinate incident responses and recommend mitigation strategies to address cybersecurity issues.
• Familiarity with security monitoring applications and tools such as:
• Tenable Security Center, WebInspect, AppScanner, GITLAB, Atlassian JIRA, Atlassian Confluence, SharePoint, and BigFix.
• Familiarity with software engineering and analysis tools such as:
• CodeSonar, CodeDx, Fortify, WebInspect, GITLAB, JIRA, SharePoint, and Coverity.
• Perform static analysis on source code in languages such as C, C++, Java, C#, Groovy, Python, Perl, Pup, JavaScript, Ruby, Bash, Powershell, Objective C, identifying vulnerabilities and removing malicious logic.
• Conduct dynamic, manual, and automated binary reverse engineering analysis on developed applications.
• Provide expert-level guidance on secure software development methodologies, web development techniques, and interfaces.
• Assist in identifying and evaluating technical/operational security risks, threats, weaknesses, and vulnerabilities in CJIS information systems.
• Offer tailored recommendations and mitigation strategies for identified risks or architectural changes.
• Deliver presentations, briefings, and training sessions tailored to CJIS stakeholders.
• Provide knowledge transfer sessions and risk assessment reports for continued improvement of cybersecurity standards.
• Ensure systems meet federal and our clients' policies, regulations, and FISMA compliance.
• Collaborate with change management teams to evaluate the security implications of architectural and engineering modifications to systems
• Other duties as assigned.

• Masters degree in Cybersecurity, IT, Computer Science, or related field.
• Minimum 6+ years of relevant experience in cybersecurity roles, preferably within federal systems.
• Active Top Secret Clearance required.
• Certification such as CISSP, COMPTIA Sec+, or equivalent is required; advanced certifications like Cloud Certification are highly valued.
• Deep experience with tools such as Tenable Security Center, Splunk, OWASP Zap, JIRA, and Atlassian collaboration platforms.
• Strong hands-on experience in reverse engineering, secure coding practices, and agile development methods using frameworks like SAFe.
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.

Minimum Skills Required:     

• Must possess problem-solving skills.
• Exceptional communication skills, both oral and written
• Ability to respond effectively to customers with a sense of urgency.
• Proficient in Microsoft and Adobe toolsets, including Excel, Word, PowerPoint, Acrobat, etc.
• Highly motivated with the ability to handle and manage multiple tasks at any one time.
• Ability to forge new relationships, individual and teaming in nature.
• Must be a Self-starter, that can work independently and as part of a team.

Desired Qualifications:

• Certifications:
  • Certified Ethical Hacker (CEH) or related advanced industry certifications.
  • Specialization in cloud technologies security involving platforms such as AWS or Azure.
• Expertise in penetration testing, code vulnerability analysis, and zero-day threat mitigation strategies.

Our Commitment to you / overview of benefits

• Medical, Dental and Vision Insurance; Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off

Reports to: Program Manager

Working Conditions

• Professional hybrid office environment.
• Hybrid work arrangement with primary reporting location in Clarksburg, WV and some telework flexibility.
• Mission-critical tasks may necessitate on-site presence using government-furnished equipment (GFE).
• Must be physically and mentally able to perform duties extended periods of time.
• Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
• Must be able to establish a productive and professional workspace.
• Must be able to sit for long periods of time looking at computer screen.
• May be asked to work a flexible schedule which may include holidays.
• May be asked to travel for business or professional development purposes.
• May be asked to work hours outside of normal business hours.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.