We are staffing a small team that is responsible for developing secure coding practices, techniques, and tools. We work with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. The individual in this position will be responsible for developing analyzable secure coding rules for Java, C, and other programming languages. The individual will be researching and developing advanced software static and dynamic analysis techniques and methods for mobile platforms including Android. The individual will work directly with customers to: develop and provide training in secure coding practices, develop source code analysis, and enhance and extend organizational capabilities to produce secure software systems.
- Education: BS in Computer Science with eight (8) years applicable experience or equivalent combination of training and experiences.
- Experience: Candidates should have at least five (5) years of experience in developing Java software analysis techniques in one or more of the following areas; static analysis; dynamic analysis; data flow analysis; compiler development, including understanding the impact of optimization techniques on security issues; knowledge of analysis techniques that may be useful in security analysis but might not have been applied to security yet; computer architecture, including understanding the impact of security techniques on application and system performance for various architectures.
- Skills: Successful candidates will: ability to develop and implement advanced analysis techniques; be expert in Java and have extensive knowledge of the second language; be expert in Android platform development; interact effectively with customers and teammates; have strong written and verbal communications skills; take a leadership role in technical projects.
- Physical Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.
- Environmental Conditions: Normal office conditions; however, close contact with computer for prolonged periods of time.
- Mental: The ability to work well under pressure of deadlines and with confidential information.
- Other: Candidate must be a U.S. Citizen, must be eligible to obtain a DoD TS Clearance, and must be able to successfully complete a background investigation.
- Education: MS in Computer Science with five (5) years experience or PhD in Computer Science with two (2) years experience or equivalent combination of training and experiences.
- Experience: Ideal candidates will have experience in the following areas: model checking; abstract interpretation; use of assertions in program code; using mathematical techniques such as denotational semantics, axiomatic semantics, operational semantics, and abstract interpretation.
- Skills: Preferred candidates will: possess excellent technical problem-solving skills; learn quickly and have a history of producing creative and innovative solutions; be motivated to tackle challenging problems.
Regular Full Time
SEI NETWORKED SYSTEMS SURVIVABILITY
Minimum Education Level
Bachelor's Degree or equivalent
Carnegie Mellon University - 13 months ago
We are a global research university with more than 12,000 students, 92,000 alumni and 5,000 faculty and staff. Carnegie Mellon has been a...