About Us:
BlackSky is a geospatial intelligence solutions provider that enables organizations to task, collect, and transform data from earth observation, global sensor networks, mobile devices, and social media to deliver on-demand insights about places, events, and assets that are critical to their operations. BlackSky provides satellite collection, data, and cloud-based processing and analytic solutions to organizations that are capitalizing on the exponential growth of a wide range of sensor and collection platforms for delivering the next generation of geo-intelligence and location intelligence solutions. BlackSky has extensive expertise and capabilities in commercial remote sensing, multi-source analytics, cloud computing, open source software development, Amazon Web Services, and big data geospatial analytics. BlackSky is operating and deploying a constellation of high-resolution imaging spacecraft to image the planet in near real time.
Responsibilities:
- Familiarity with licensed and open-source dynamic, static, and interactive code analysis security testing tools
- Experience coordinating and performing vulnerability assessments using automated and manual tools
- Familiarity with API Security, Container Security, AWS Cloud Security
- Knowledge of DISA STIGs, NIST 800-53, NIST 800-171, and DoD RMF
- Experience using Vulnerator and STIG Viewer tools
- Experience developing Plan of Action & Milestone (POA&M) documentation
- Familiarity with Amazon AWS Policy, Configuration, and Security Management tools.
- Experience with security automation and machine learning.
- Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
- Capability to prepare security vulnerability and risk management reports for management.
- Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
- Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
- Experience configuring, implementing, and leveraging computer security and networking diagnostic/monitoring tools.
- Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc.)
- Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
Qualifications:
- 3+ years’ experience performing application security activities
- 5+ years’ experience in cybersecurity
- Desired Security Certifications: Certified Information Systems Security Professional (CISSP) and/or Certified Secure Software Lifecycle Professional (CSSLP)
Desired Skills:
- Experience with Windows and Linux environments
- Strong experience using HP Fortify
- Experience using other SAST and DAST tools (e.g., Defect Dojo, Coverity, Veracode, Checkmarx, and Netsparker)
- Experience using Tenable Nessus and NMAP
- Cloud Solutions: AWS Commercial, AWS GovCloud, VMware ESXi
- Infrastructure as Code: AWS CloudFormation, HashiCorp Terraform
- Coding & Scripting: Python, Java, JavaScript, BASH, PowerShell
- Container Technologies: Docker, ECS, Nomad, HashiCorp product stack
BlackSky is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer All Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability, protected veteran status or any other characteristic protected by law.
EEO/AAP/ Pay Transparency Statements: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf
https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf
