The Cyber Security Developer, Senior will lead and support critical IT cybersecurity efforts for the Criminal Justice Information Services (CJIS) Division. This role requires the execution of advanced vulnerability assessments, risk analysis, secure coding practices review, and technical guidance for federal information systems in accordance with FBI and federal policies. The analyst will leverage a broad set of tools and methodologies to ensure systems' confidentiality, integrity, and availability while fostering collaboration with CJIS stakeholders and contributing to safeguarding national interests.

This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse.

• Conduct risk and vulnerability assessments, security functional testing, and penetration testing.
• Handle monitoring and review of security logs, system logs, and audit logs using tools such as Splunk, performing Threat Hunting as necessary.
• Coordinate incident responses and recommend mitigation strategies to address cybersecurity issues.
• Familiarity with security monitoring applications and tools such as:
• Tenable Security Center, WebInspect, AppScanner, GITLAB, Atlassian JIRA, Atlassian Confluence, SharePoint, and BigFix.
• Familiarity with software engineering and analysis tools such as:
• CodeSonar, CodeDx, Fortify, WebInspect, GITLAB, JIRA, SharePoint, and Coverity.
• Perform static analysis on source code in languages such as C, C++, Java, C#, Groovy, Python, Perl, Pup, JavaScript, Ruby, Bash, Powershell, Objective C, identifying vulnerabilities and removing malicious logic.
• Conduct dynamic, manual, and automated binary reverse engineering analysis on developed applications.
• Provide expert-level guidance on secure software development methodologies, web development techniques, and interfaces.
• Assist in identifying and evaluating technical/operational security risks, threats, weaknesses, and vulnerabilities in CJIS information systems.
• Offer tailored recommendations and mitigation strategies for identified risks or architectural changes.
• Deliver presentations, briefings, and training sessions tailored to CJIS stakeholders.
• Provide knowledge transfer sessions and risk assessment reports for continued improvement of cybersecurity standards.
• Ensure systems meet federal and FBI policies, regulations, and FISMA compliance.
• Collaborate with change management teams to evaluate the security implications of architectural and engineering modifications to systems
• Other duties as assigned.

• Masters degree in Cybersecurity, IT, Computer Science, or related field.
• Minimum 6+ years of relevant experience in cybersecurity roles, preferably within federal systems.

• Active Top Secret Clearance required.
• Certification such as CISSP, COMPTIA Sec+, or equivalent is required; advanced certifications like Cloud Certification are highly valued.
• Deep experience with tools such as Tenable Security Center, Splunk, OWASP Zap, JIRA, and Atlassian collaboration platforms.
• Strong hands-on experience in reverse engineering, secure coding practices, and agile development methods using frameworks like SAFe.

• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.

Minimum Skills Required:     

• Must possess problem-solving skills.
• Exceptional communication skills, both oral and written
• Ability to respond effectively to customers with a sense of urgency.
• Proficient in Microsoft and Adobe toolsets, including Excel, Word, PowerPoint, Acrobat, etc.
• Highly motivated with the ability to handle and manage multiple tasks at any one time.
• Ability to forge new relationships, individual and teaming in nature.
• Must be a Self-starter, that can work independently and as part of a team.

Desired Qualifications:

• Certifications:
  • Certified Ethical Hacker (CEH) or related advanced industry certifications.
  • Specialization in cloud technologies security involving platforms such as AWS or Azure.

Expertise in penetration testing, code vulnerability analysis, and zero-day threat mitigation strategies.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.