Software Applications Project Manager (Mid) 8/20/2016

The American Institutes for Research Washington, DC

Company
The American Institutes for Research
Job Classification
Full Time
Company Ref #
28908389
AJE Ref #
575946624
Location
Washington, DC
Job Type
Regular

JOB DESCRIPTION

APPLY
Be part of something innovative and cutting edge. Join our team of more than a hundred softwareengineers, designers, project managers and software specialists that are smart, creative and excited by what they do.

Some of our ground-breaking work includes:
* advanced computer-adaptive algorithms (only one that's peer-approved in the country)
* mobile support for the user interfaces
* learning management systems with social media features
* user interfaces that are universally accessible to people with or without disabilities
* innovative, machine-scorable items

The American Institutes for Research (AIR) is a leading professional services firm with a growing software engineering and product development team. We design and build things that are inspiring and make a real impact in the online testing industry.

As a result of our continued growth, we are currently seeking a Software Applications Project Manager for our Washington, D.C. office.

Responsibilities

The Software Operations Project Manager will be primarily responsible for the following:

* Comfortable working on multiple projects simultaneously, with an inherent ability to work well under tight timelines, and have strong problem-solving capabilities.
* Develop requirements, budgets, and schedules for the software development projects.
* Facilitate requirements meetings, including the peer review sessions, and status meetings with clients and project team.
* Establish milestones, anticipate issues, and monitor adherence to project scope, requirements and design documents, schedules, and to the CSSC software development process.
* Assume day-to-day responsibility for ensuring that the project is completed on time and within budget, and that all deliverables are of the highest quality.
* Work closely with the CSSC Technical Project Management team to: share best practices, help resolve project issues, and ensure that staff is properly allocated to tasks by considering staff's skills and interests, and the project's needs.
* Maintain client relations and communications including status reporting and informal conversations.
* Manage and increase the effectiveness and efficiency of the Operations Team and HelpDesk support, through proper troubleshooting and prioritization methods as well as coordination and communication between the clients and the internal team.
* Ensure high-quality customer service and address and maintain frequent and proactive contact with the clients.
* Possess ability to understand technical concepts, including data relationships and software configuration.

Qualifications

* Bachelors degree in Computer Science, Engineering, Sciences, Mathematics (or related disciplines)
* 8+ years of technical information security experience; minimum of 5 years with hands-on experience in application and system/network security testing
* Strong understanding of information system security vulnerability assessment/testing on a wide variety of technologies and implementations utilizing both automated tools and manual techniques
* Significant experience performing web application security/penetration testing in accordance with well- known methodologies from OWASP, SANS, and NIST
* Demonstrate significant experience in testing multiple Operating Systems (Windows, Linux, and OSX) as well network devices
* Significant hands on experience with manual web application assessment and penetration testing methods related to web application mapping, reviewing client-side controls, testing user-input fields, and attacking session management, authentication, access controls, encryption, and backend databases/data stores
* Maintain high level of proficiency of hands-on experience with open source and commercial vulnerability assessment and penetration testing tools such as HP WebInspect/IBM AppScan/, Tenable Nessus/Rapid 7 NeXpose/Cenzic Hailstorm, Burp Suite, OWASP tools, Nmap, Wireshark, Fiddler, Firebug, Metasploit/Core Impact, sqlmap, ettercap, Caine and Able, BeEF, DirBuster, as well as tailor-made penetration testing distributions such as Kali Linux and Samurai WTF
* Analyzing security findings to ascertain false positives and assign appropriate severity scores and priorities
* Work in a team environment or independently when necessary and be self-directed when appropriate

Preferred Qualifications:
* Industry information security certifications: OSCP/OSCE/OSWE, GPEN, GWAPT, CEH, CISSP
* Good understanding of the components of a secure SDLC
* Experience with scripting languages/programming languages: JavaScript, PHP, Python, JavaScript, Java, shell scripting, C/C++, jQuery, ASP, .NET, and HTML
* Experience with mobile application assessment and penetration testing
* Knowledge of and/or experience with Security Event and Incident Management systems, intrusion detection/prevention system technologies and deployment strategies, content/spam filtering, firewall configuration and rule maintenance
* Experience in performing static code analysis tools such as HP Fortify, Veracode, or IBM AppScan Source
* Ability to identify and 0-day issues employing scripting languages, programming languages, Assembly, and disassemblers/decompilers (IDA Pro, Flare) and debuggers (Ollydbg, GDB, WinDbg)