Description
a.i. solutions is seeking a highly-motivated Cyber Software Analyst to support the Reagan Test Site (RTS) Engineering and Technical Services (RETS) Program in Huntsville, AL. The Cyber Software Analyst will support ballistic missile, guided weapon and aeronautical tests and evaluations as well as support space situational awareness operations and experiments. The successful candidate will demonstrate the ability to embrace the a.i. solutions mission and work to continually exceed the expectations of our customers.
Essential Functions
Perform technical engineering support and research in the area of Software Assurance to include the analysis of software source code and binary executable files.
Perform senior cyber assurance analyst tasks in support of the RTS Government ISSM, Cyber Assurance staff and other senior management in areas of National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), DoD, Army Regulations, Incident Response, Risk Assessment, Software Assurance and related Cyber Assurance disciplines.
Perform software analysis using automated analysis tools and manual techniques to identify coding flaws, exploitable vulnerabilities, and malicious indicators in software applications.
Provide detailed reports of identified issues and work with customer cybersecurity office and software development personnel to analyze and identify mitigations.
Conduct research on emerging software assurance tools and provide detailed reports on tool capabilities and applicability to the client's software assurance requirements as needed.
Examine potential security violations to determine if policy has been breached and respond in accordance with the Incident Response Plan.
Support, monitor, test, and troubleshoot hardware and software Cyber Assurance problems pertaining to the network environment.
Manage the local IAVM program, Cyber Assurance training and workshops, proactive vulnerability scanning, incident detection and response, and other network security functions in support of RTS.
Required Skills
Proficiency in tools such as Fortify, Checkmarx, or SonarQube to analyze source code for "CWEs" (Common Weakness Enumerations).
Understanding how to test the software while it's running to find flaws that only appear during execution.
Strong ability to manually look at code (C++, Java, Python, etc.) and spot logic flaws that automated tools might miss.
Skilled in analyzing Software Bill of Materials (SBOMs) to track third-party libraries and "Open Source" risks.
Adept at performing Vulnerability Research and tracking the CVE database to ensure no outdated components are being used in RTS systems.
Proficiency in scanning and securing Docker/Kubernetes containers and identifying vulnerabilities in Infrastructure as Code (IaC).
Ability to map technical vulnerabilities to MITRE ATT&CK frameworks to demonstrate how a code flaw could be exploited in a real-world mission thread.
Demonstrated understanding of the NIST SP 800-53 and 800-161 controls required for federal information systems.
Understanding RMF and how Software Assurance feeds into the larger ATO process.
Strong ability to validate and verify SW STIGs.
Exceptional ability to perform risk assessments, analyze technical vulnerabilities, and explain their potential impacts to the RTS mission systems.
Skilled at analyzing false positives and associated mitigations to weed out "noise" so the developers can focus on the real threats / true positives.
Required Experience
Bachelor's Degree in Computer Science, Cybersecurity, or a related field; or an equivalent combination of education and experience.
Ten (10) years or more of relevant experience including:
Four (4) or more years in the Software Development Life Cycle (SDLC).
Three (3) or more years in specialized Cybersecurity/Software Assurance.
Mastery of SAST/DAST/SCA tools (e.g., Fortify, Checkmarx, SonarQube, or Snyk) and the ability to tune them to reduce false positives.
Strong proficiency in manual code analysis for languages such as C++, Java, and Python.
Experience building automated security gates and integrating Software Assurance (SwA) into CI/CD pipelines.
Thorough understanding of NIST SP 800-53/800-161 and how SwA artifacts support the RMF/ATO process.
Must meet DoD 8140.03 IAM/IAT Level II or III requirements (e.g., Security+, CISSP, or CSSLP); CISSP preferred.
Exceptional ability to communicate security risks and remediation strategies to both developers and non-technical mission stakeholders.
Additional Eligibility Qualifications
Must be able to obtain and maintain a DoD Secret Security Clearance with the ability to obtain a Top Secret, which requires U.S. citizenship.
The flexibility to work occasional non-duty hours or on weekends to support specific projects or mission requirements.
MAKE A MOVE, MAKE AN IMPACT. a.i. solutions was founded over 25 years ago with a mission to MAKE AN IMPACT by exceeding expectations. A move to our team means using your passion and ingenuity to MAKE AN IMPACT through innovations, defending national security, and enabling access to space. MAKE A MOVE, to join a team driven by a shared ambition, and rewarded for individual contributions.
BENEFITS THAT MAKE AN IMPACT:
- Salary ranges from $119,000 to $144,000 depending on relevant experience and qualifications
Paid Time Off and Holidays
401k Safe Harbor Plan, we contribute on Day #1
Paid Parental leave for Mom & Dad
Company Paid Life/AD&D
Tuition Assistance
Wellness plans that reward wellbeing & work life harmony
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.