Key skills
ReactAngularJSDjangoSpringKubernetesRisk ManagementOWASPPenetration TestingCloud Security
About this role
Odyssey is a world-class technical, engineering, and integration company serving the warfighting ecosystem. They are seeking a Senior Cybersecurity Engineer to provide support to the Command, Control, Communications (C3C)/Kessel Run division, focusing on comprehensive security assessments, vulnerability assessments, and ensuring alignment with cybersecurity policies and frameworks.
Responsibilities:
- Conduct comprehensive security assessments and vulnerability assessments of internally developed and third‑party applications
- Perform and document software security evaluations, including code reviews, secure coding verification, and architectural security analysis
- Utilize penetration testing tools and methodologies to identify and validate vulnerabilities
- Develop and maintain threat models and execute security risk assessments to identify and mitigate potential threats
- Evaluate system security controls, identify vulnerabilities, and propose effective mitigation strategies
- Review applications against established vulnerability standards, such as the OWASP Top 10, and deliver prioritized remediation recommendations
- Ensure all application and system deliverables align with DoD and Air Force cybersecurity policies, directives, and frameworks
- Stay up to date with emerging security advisories, regulations, alerts, frameworks, and compliance standards including:
- ISO 27001
- NIST Cybersecurity Framework
- DoD 8500 series
- Risk Management Framework (RMF)
- DIACAP / DIARMF equivalents
- Provide expert guidance on secure design principles, cloud security best practices, and container/Kubernetes security
- Prepare detailed reports including:
- Software assessment results
- Vulnerability assessment findings
- Risk mitigation and remediation plans
Requirements:
- Must be a US citizen
- Must have and be able to maintain a Secret Level Clearance
- 10+ years of experience with 5+ years of experience in the DoD
- 5+ years of experience in Level III application security, software development or IT Security
- CompTIA Sec+ certification
- Understanding of multiple web development frameworks, including but not limited to (AngularJS, React, Django, and Spring)
- Understanding of Kubernetes container orchestration, networking concepts, and deployment strategies