Software Security Analyst
About the role
TrellisWare is a global leader in advanced wireless communications technology, specializing in algorithms, waveforms, and comprehensive communication systems. We are committed to fostering a collaborative and innovative environment where employees can thrive and contribute to our mission.
Responsibilities
- Conduct software product security assessments and vulnerability testing.
- Regular scanning and penetration testing.
- Threat analysis, static and dynamic analysis, and security testing.
- Maintain currency of evolving security threats, technologies, and regulatory changes.
- Analyze and review functional system design specifications, ensuring security policy compliance.
- Participate in software system architectural and component design reviews.
- Reverse engineer software components for hidden bugs or malicious code.
- Evaluate and ensure secure COMSEC key and certificate distribution, authentication, and assignment.
- Investigate security-related incidents, determine root cause, and verify mitigation updates.
- Document and present product security compliance using standard professional practices and corporate-defined engineering processes.
- Ensure FIPS 140 and NIST STIG compliance.
- Develop relationships with team members based on trust and respect.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or Information Technology or related field of study.
- Minimum of 5 years’ industry experience, including at least 3 years in software development and 2 years in auditing and vulnerability testing.
- Proficiency with Python, C/C++, and an understanding of operating systems and network protocols.
- Experience with penetration testing (ethical hacking) and security scans.
- At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC.
Skills
- Experience with the full software development life cycle, including system design, threat modeling, and secure code implementation.
- Familiarity with encryption devices and secure key management.
- Familiarity with embedded software-defined tactical radio security.
- Experience with threat modeling, secure coding practices, and identification of software vulnerabilities.
- Experience with cybersecurity scanning tools such as Nessus, Qualys VMDR, Trivy, or Rapid7.
- Experience with NIST, ISO 27001, CIS Controls, or OWASP.
- C++, Python, or Java proficiency.
- Experience with distributed revision control systems like GitHub.
- Ability to think critically, pay attention to detail, and communicate effectively both verbally and in writing.
- Strong collaboration and interpersonal skills.
- Proactive work ethic and strong initiative.
- Trustworthy judgment and analytical problem-solving skills.
- Effective execution and decision-making abilities.
- Champion of change and a promoter of innovation.
Qualifications
- U.S. Citizenship.
Additional Requirements
- U.S. Citizenship.
- May require a security clearance or the ability to obtain one.
Benefits
TrellisWare Technologies offers competitive compensation, including a range of $115,000 - $185,000 USD annually for positions in San Diego, CA, based on qualifications and experience. We also provide a supportive and inclusive workplace culture, opportunities for professional growth, and a commitment to diversity, equity, and inclusion.
Pay
$115,000 - $185,000 USD annually for positions in San Diego, CA, based on qualifications and experience.
Schedule
Hybrid schedule, combining remote and in-office work options.