Software Assurance SME III

Summary

Join Agile Defense as a Software Assurance SME III and contribute to establishing a white-box testing capability within the USPTO by adding contractor expertise to engage with existing system and product owners, enhancing data security protections.

Responsibilities

• Perform code reviews to identify flaws in the development of custom applications that handle sensitive IP data
• Drive configuration auditing through review of system and network configurations for misconfigurations or insecure settings that could lead to exploitation
• Execute access controls to validate and assess whether internal access controls effectively enforce the principle of least privilege and prevent unauthorized access to IP data
• Generate reports that highlight security weaknesses uncovered during white-box testing and provide actionable remediation steps
• Ensure that critical issues are resolved before new software releases or system updates go live, especially if they affect data-sharing processes or BII systems
• Research, test, build, and coordinate the conversion and/or continuous integration pipelines and toolchains based on client requirements
• Design and develop new software products or major enhancements to existing software to support security operations
• Address problems of systems integration, compatibility, automation and orchestrations
• Assesses cloud security architectures and provide recommendations to improve overall infrastructure security and methods to automate security testing of applications moving through the CI/CD pipeline
• Consult with project teams and end users to identify application requirements
• Perform feasibility analysis on potential future projects to management