Cybersecurity Engineer - Software Assurance Implementation

***To be considered for this role, you must be a US Citizen and have an active US government security clearance.  Additionally, you must either live near or be willing to move to the Boulder, CO area.***


About Centil



Centil represents the intersection of innovation and trusted expertise required for keeping rapid pace with the dynamic and emergent technological needs of Aerospace, Defense, and Government systems. Our trusted team of engineers excel in deploying value stream management, short-cycle feedback loops, infrastructure on-demand, and secure, disciplined pipelines to our customers. If you are interested in learning more about Centil or our team, check out our website at www.centil.io.

Centil is a talented team of trusted engineers working to provide optimized and effective technology value streams for defense industry clients. We believe in a culture of innovation, empowerment and collaboration. We place a high value on learning and growth, providing ongoing support to our team to learn new skills and become fulfilled in both their personal and professional life.

Centil is hiring exceptional individuals to join our growing team. We look for candidates who are inspired and passionate, highly collaborative, and who demonstrate the courage to challenge the status quo with forward thinking ideas and practices. We also seek out individuals who demonstrate servant leadership by supporting their colleagues with a sense of positivity, humility and open mindedness.



About the role


This opening is for a Cybersecurity Engineer to support our Missile Track Custody program in the execution of software assurance activities, focusing on secure development practices and vulnerability management.


The ideal candidate has 3-5 years of professional experience in cybersecurity software development or related fields. They possess a deep understanding of secure development practices, vulnerability management, and the ability to integrate security into the DevSecOps pipeline. Proven technical expertise in static code analysis and a solid understanding of secure software engineering principles are critical to success in this role.


This position will work closely with other engineers and program leadership to support the overall goals and objectives of the program.



What you'll do

  • Develop the Software Assurance Plan as part of the Program Protection Implementation Plan (PPIP), detailing secure coding, vulnerability assessment, and remediation strategies.
  • Conduct immediate Static Code Analysis and Vulnerability Scanning on mission-unique software, identifying and tracking vulnerabilities.
  • Collaborate with the MSOC Software team to implement secure software development practices and ensure vulnerabilities are remediated according to the Software Assurance Plan.
  • Provide ongoing vulnerability assessments, periodic code reviews, and Software Assurance metrics to track progress and compliance.


Required Qualifications

  • Current Secret security clearance or higher
  • 3-5 years of professional experience in software assurance, cybersecurity or a related field
  • Proficiency with Static Code Analysis Tools: Hands-on experience with tools such as Coverity, CodeSonar, Parasoft C/C++test, Fortify Static Code Analyzer, LDRA Tool Suite, or equivalent. Ability to configure, run, and interpret analysis results.
  • Secure Software Development Expertise: Strong understanding of secure coding principles and the ability to embed security into all phases of the SDLC.
  • Threat Identification and Mitigation: Experience identifying software vulnerabilities and proposing actionable mitigation strategies based on analysis results.
  • Proficient in applying Risk Management Framework (RMF) principles to assess, mitigate, and monitor security risks across systems and processes.
  • Collaboration Skills: Demonstrated ability to work closely with development teams, testers, and stakeholders to integrate security practices seamlessly into workflows.
  • Documentation and Reporting: Ability to document findings, prepare reports for stakeholders, and guide remediation efforts.
  • CompTIA Security+ certification (or willingness/ability to obtain within 6 months of start date)



Preferred Qualifications

  • Knowledge of Program Protection Implementation Plan (PPIP)
  • Knowledge of relevant regulatory compliance standards and regulations (e.g., NIST SP 800-53, DoD policies, ISO 27001)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • GIAC Secure Software Programmer (GSSP)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • GIAC Certified Incident Handler (GCIH)


Other Company Requirements

In addition to job-specific requirements, Centil believes it is important for all employees to possess the following skills/characteristics:

  • Strong communication (written and verbal) and presentation skills.  Ability to passionately deliver high-level messaging to various types of audiences--this will eventually include senior leaders.  Ability to explain technical concepts clearly to non-technical personnel
  • Self-motivated individual who actively and independently seeks out opportunities for learning and development
  • Collaborates well; enjoys working as part of a team
  • DoD Secret or higher clearance is required


Expected Salary Range


Depending on experience and skillset, most candidates will earn between $110,000 and $180,000 per year.

Please note that the salary range is a general guideline only. We consider many factors when determining salaries including, but are not limited to, scope and responsibilities of the position, candidate’s work experience, education, training, certifications, key skills, and mission/customer familiarity. We combine these factors with market and business considerations to extend a job offer.



Benefits


Centil offers a comprehensive benefits package including the following:

  • Generous PTO for vacation, personal, or sick days
  • Ten (10) paid holidays per year:  8 fixed holidays, plus 2 additional Floating Holidays per year (taken at Employee's discretion)
  • Flex time and the ability to create your own schedule
  • Discretionary bi-annual bonus plan, based on individual and company performance
  • 401K retirement plan with immediately vested company contributions, no matching required
  • Healthcare coverage plan through a Qualified Small Employer Health Reimbursement Arrangement (QSEHRA)
  • Employer-paid Life, Short-Term Disability, Long-Term Disability, and Accidental Death and Dismemberment insurances
  • Access to optional, employee-paid Life, Accident, Critical Illness, and Hospital Indemnity insurances
  • Access to a Dependent Care Flexible Spending Account (FSA)
  • Paid training and conference attendance
  • Additional benefits, as needed, for significant life events: parental leave, bereavement leave, jury duty pay, military leave pay
  • One-time home office reimbursement
  • Phone plan reimbursement
  • Employee Assistance Program (EAP) services, supporting emotional health and well-being of employees and their families

Centil is an Equal Opportunity Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status or any other status protected by applicable law.

Engineering

Lafayette, CO

Share on:

Terms of servicePrivacyCookiesPowered by Rippling