Student Veterans of America Jobs

Welcome to SVA’s jobs portal, your one-stop shop for finding the most up to date source of employment opportunities. We have partnered with the National Labor Exchange to provide you this information. You may be looking for part-time employment to supplement your income while you are in school. You might be looking for an internship to add experience to your resume. And you may be completing your training ready to start a new career. This site has all of those types of jobs.

Here are a few things you should know:
  • This site is mobile friendly. You do not need a log-in or password to access information.
  • Jobs on this site are original and unduplicated and come from three sources: the Federal government, state workforce agency job banks, and corporate career websites. All jobs are vetted to ensure there are no scams, training schemes, or phishing.
  • The site is refreshed daily to remove out-of-date content.
  • The newest jobs are listed first, so use the search features to match your interests. You can look for jobs in a specific geographical location, by title or keyword, or you can use the military crosswalk. You may want to do something different from your military career, but you undoubtedly have skills from that occupation that match to a civilian job.
Home View All Jobs (2,213,317)

Job Information

Deloitte Cyber Vulnerability Management - Project Delivery Lead in Westlake, Texas

Deloitte's Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise.Work you will doAs a Project Delivery Lead in the operate engagements, you are responsible for adhering to the defined operating procedures and guidelines in operating the application security services in the Managed Services model, which includes the following:

  • Understand and be compliant with the Service Level Agreements defined for the SAST and SCA

  • Deep knowledge of application security engineering principles and helping client's development team to follow secure development practices which includes primarily monitoring and performing the security testing, secure code review, secure build, Software Composition Analysis processes.

  • Utilize SAST tools and methodologies to analyze source code, identifying security vulnerabilities and weaknesses in applications.

  • Conduct in-depth code reviews and analysis to identify and prioritize security issues. Collaborate with development teams to remediate vulnerabilities.

  • Manage and maintain SAST tools and associated infrastructure. Configure and fine-tune scans to align with specific project requirements.

  • Generate comprehensive reports on identified security vulnerabilities, their impact, and recommended remediation steps.

  • Lead a team of VM professionals, ensuring adherence to Service Level Agreements (SLAs).

  • Direct daily security operations, lead teams, and collaborate with key stakeholders to foster continuous improvements while ensuring operational stability.

  • Display strong leadership and communication skills to manage a team operating 24/7.

  • Collaborating with the development team to manage defects and issues. Helping prioritize and fix security-related issues at the code level.

  • Work closely with the development and DevSecOps teams to facilitate the resolution of security findings and track progress.

  • Provide training and awareness programs for development teams to enhance their understanding of secure coding practices.

  • Stay current with emerging threats, vulnerabilities, and industry best practices to ensure that SAST processes remain up-to-date and effective.

  • Use SCA tools and techniques to identify open-source components and dependencies within applications.

  • Ensure compliance with open-source licenses and provide guidance on license management.

  • Perform security assessments on open-source components to identify vulnerabilities and risks.

  • Evaluate the security, quality, and maintenance status of open-source components.

  • Collaborate with development teams to prioritize and remediate open-source vulnerabilities.

  • Maintain and configure SCA tools, ensuring they are integrated into the development process.

  • Maintain accurate records of open-source components, licenses, and known vulnerabilities.

  • Work closely with development teams and DevSecOps to facilitate the resolution of open-source component-related issues.

  • Stay up to date with industry trends, vulnerabilities, and best practices related to open-source software.

  • Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS.

The teamDeloitte's DevSecOps is a standardized process, to help clients with large development functions, and application dependencies for their day-to-day operations. The process enables the client to address key vulnerabilities and risks associated with their various application environment at different stages of their development lifecycle.

At the core of our Application Security Managed Services Team professionals' monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threat to an organization. This detection of application threats/vulnerabilities is carried out using a unique blend of our application security testing and monitoring tools and intelligence data collected through our vast experience within the Advice and Implement business.Required:

  • Bachelor's in Computer Science, Cyber Security, Information Security, Engineering, or Information Technology.

  • 6+ years of experience in application security development, security testing, secure code review, software composition analysis

  • Proficient in application specific vulnerabilities, code development and infrastructure knowledge

  • Proficient in investigation, troubleshooting and analytical problem-solving

  • Deep expertise in collecting, analyzing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.)

  • Knowledge and experience of OWASP Top 10, SANS Secure Programming, Security Engineering Principles

  • Proven experience with SAST tools (e.g., Checkmarx, Fortify, Veracode) and scans using GitLab etc.

  • Skilled in performing code review of dot Net, Java, and Swift and objective C

  • Skilled in running, installing, and managing SAST and SCA tools, such as SonarQube, Checkmarx, Fortify, Contrast, Veracode, Black Duck, Snyk, WhiteSource in large enterprise.

  • Skilled in configuring and managing DAST and VM tools, such as Tenable IO in large enterprise.

  • Skilled in configuring and managing Attack Surface Management tools such as Xpanse.

  • Skilled in configuring and managing Prisma cloud workload protection, application security, WAAS etc.

  • Skilled in managing pen test scans and validations using tools such as Bishop Fox

  • Knowledge of Cyber asset management tools such as Axonius

  • Proven experience in application health monitoring tools such as Bitsight

  • Knowledge of open-source licensing and its implications.

  • Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk.

  • Knowledge of CI/CD tool set and integrating security tools with CI/CD tool set.

  • Skilled in conducting Secure code review and Software composition analysis using automated tools.

  • Experience with application monitoring, managed services business primarily on Secure code review, Software Composition Analysis.

  • Skilled in managing, leading, training and mentoring teams.

  • Excellent communication skills, both verbal and written.

  • Ability to travel up to 30%, on average, based on the work you do and the clients and industries/sectors you serve

  • Limited immigration sponsorship may be available

Preferred:

  • Strong understanding of programming languages and application security principles.

  • Solid and demonstrable comprehension of Information Security including OWASP/SANS, False Positive analysis, Vulnerability triaging and management

  • Understanding of software development practices and open-source software ecosystems.

  • Ability to research and characterize security vulnerabilities to include identification and classification of application related threat indicators

  • Previous consulting experience, particularly with Big 4 firms, is preferred.

  • Professional certifications around CISSP, Cloud, CISM, or CISA are highly desirable.

  • Solid understanding of the ITIL framework, with specific knowledge in Incident Management, Change Management, and Problem Management

Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $80,370 to $141,000.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

DirectEmployers