Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, performs software architecture and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms. + Supports the development of security procedures and methods to ensure the safety of information systems and to protect the system from intentional (unauthorized) or accidental (inadvertent) access or destruction. + Works with Web development, network administration, and corporate security teams, to actively identify, and analyze risks and develop plans that drive security improvements for the project/program. + Serves as a liaison between development teams and stakeholders to understand and formulate security requirements for project/program. + Defines, maintains, and enforces application security best practices. + Explains and demonstrates vulnerabilities to application owners, and provide recommendations for mitigation. + Conducts and coordinates vulnerability assessments of software application under development. + Identifies additional application security related tools, conducts tool analysis, and provided recommendations. + Performs and conducts penetration tests and manual/automated code reviews. + Trains developers and other relevant team members on Secure Code Development as well as other security protocols as needed. **Minimum Qualifications** + Bachelor’s Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience. + 5-10 years of experience as an Application Security Developer, Application Security Analyst, or equivalent. **Other Job Specific Skills** + Experience with developing/integrating cybersecurity designs for systems and networks + Experience with documenting and addressing organizational information security, cybersecurity architecture, and systems security engineering requirements + Experience with developing system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements + Experience with documenting the protection needs (i.e. security controls) for information system(s) and network(s) + Ability to perform security reviews, identify gaps in security architecture, and develop a security risk management plan + Ability to develop a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements + Experience with vulnerability scanning tools to include those supporting operation system, web application, database assessments, + Skill in translating operational requirements into protection needs (i.e. security controls) + Security Information & Event Management (SIEM) work experience + Hands on experience with Windows/Linux operations to include configuration, maintenance, and management Cybersecurity Certifications: At least one of the following: CISSP, CCSP, CCNA,CISSP-ISSAP,CISSP-ISSEP, GIAC, SSCP, Security+ (or equivalent as approved by the Government) + Secret Clearance (Eligible) **Compensation Ranges** Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees. **EEO Requirements** It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies. All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment. Physical Requirements The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions. **Disclaimer** The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job. $80,200 - $130k EEO Requirements It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies. All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.