Security Systems Developer

Who we are: ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community. The Perks: As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more. Who we’re looking for: We are seeking a Security Systems Developer to design, develop and evaluate information system security throughout the entire development life cycle. You will act as a senior technical lead, integrating robust security measures that ensure confidentiality, integrity, availability and non-repudiation across hardware, software and network applications. The Security Systems Developer role is vital in performing risk analysis and developing mitigation strategies to resolve architectural gaps and vulnerabilities in complex, multi-level classification environments. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market. What you’ll be doing: Review applications across the enterprise to ensure they are designed, built and maintained securely against NIST and OWASP standards. Lead secure code reviews to identify vulnerabilities. Perform risk analysis (threat, vulnerability and probability of occurrence) when applications or systems undergo major changes and develop mitigation strategies for cost, schedule, performance and security risks. Conduct security reviews to identify gaps in architecture, recommend security changes to system components and incorporate vulnerability solutions into system designs. Analyze security measures that support confidentiality, integrity, availability, authentication and non-repudiation. Develop detailed security design documentation for components and interfaces, including functional descriptions of security implementation and keep documentation current. Identify components and elements, allocate security functions and describe relationships between system elements; trace requirements to design components and perform gap analysis. Recommend security designs for new or existing systems and direct remediation of technical issues discovered during testing and implementation (including interoperability and protocol issues). Identify, assess and recommend cybersecurity or cybersecurity-enabled products for system use, ensuring compliance with organizational evaluation and validation requirements. Provide input to implementation plans, SOPs, RMF process activities and documentation and support security/certification test and evaluation activities. Verify stability, interoperability, portability and scalability of the system architecture and security design What you need to know: Proficiency in programming languages like Python, Java, JavaScript or .NET. Deep expertise in information security systems engineering principles, specifically NIST SP 800-160 and the application of security models such as Bell-LaPadula, Biba and Clark-Wilson. Proficiency in enterprise architecture methods (e.g., TOGAF, DoDAF, FEAF) and secure configuration techniques, including STIGs and CIS best practices. Mastery of network security architecture (defense-in-depth), traffic flow analysis (TCP/IP, OSI model) and identity management protocols (PKI, Oauth, SAML, SPML). Advanced knowledge of firewalls, DMZs, encryption algorithms and access authentication methods across both standard and specialized (ICS/SCADA) environments. Thorough knowledge of how secure application development methodologies and how an application is deployed into cloud environments (Appian, Salesforce, Azure). Strong understanding of PII (Personally Identifiable Information) and PCI (Payment Card Industry) data security standards, alongside the legal and ethical policies governing cybersecurity and privacy. Must have’s: 7+ years of relevant experience. Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking. Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements. Beneficial to have: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or a related field. Industry recognized certifications. Experience with how to use AI for application security is a plus. Where it’s done: Remote (Herndon, VA). Location Herndon, Virginia (Remote) Department Staff Employment Type Full-Time Minimum Experience Experienced Apply To This Job