Client Suitability Required
About Aretum
Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.
Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.
Responsibilities
- Lead detailed manual and automated code reviews with 4+ Software Assurance Analysts to identify security, quality, and compliance issues across custom-developed applications.
- Directly interface with customer leadership on an as-needed basis to support customer initiatives.
- Mentor and support a team of Software Assurance Analysts on secure code practices.
- Maintain and improve internal procedures and knowledgebases for secure code analysis.
- Utilize industry-standard tools (e.g., Fortify SCA, CodeQL, SonarQube) to perform static code analysis and interpret results.
- Prioritize and manage a large backlog of code review requests, ensuring timely and accurate assessments.
- Provide expert guidance to developers and security analysts on secure coding standards and remediation best practices.
- Collaborate with cross-functional teams including software engineers, program managers, and security teams to ensure alignment with security and quality objectives.
- Maintain detailed documentation of findings, associated risks, and mitigation strategies for customer-facing reports.
- Perform threat modeling and risk analysis to contextualize vulnerabilities and recommend mitigation steps.
- Conduct secure code training and knowledge-sharing sessions to upskill Software Assurance Team members.
- Stay current with emerging technologies, vulnerabilities, and industry standards (e.g., OWASP, NIST, ISO).
- Continuously improve code review processes and tool effectiveness through metrics and feedback loops.
Requirements
- Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or related field (Master’s preferred).
- 8+ years of professional software development experience with strong proficiency in at least two major programming languages (e.g., Java, C#, Python, JavaScript).
- 5+ years of full-time, dedicated experience in a security-focused code review or SAST auditor role, performing independent security assessments using tools such as Fortify SCA, CodeQL, or equivalent. (Experience must be in a capacity separate from software development teams, not as a developer securing their own code.)
- Proven expertise in secure coding practices and application security frameworks, including the OWASP Top 10, the CWE/SANS Top 25, and threat modeling, with demonstrated experience applying these frameworks in an audit, assessment, or security review capacity. Strong knowledge of the SDLC, DevSecOps practices, and CI/CD integration for automated security testing.
- Background in cybersecurity and risk management, with the ability to evaluate business impact and risk prioritization.
- Experience managing high-volume code review workflows and balancing competing priorities.
- Excellent communication skills, with the ability to convey technical findings clearly to both technical and non-technical stakeholders.
- Certifications strongly preferred: one or more of the following – CISSP, CSSLP, GWAPT, OSWE, or similar.
- Strong analytical and problem-solving skills, with attention to detail and commitment to high-quality work.
- Must be able to pass a government background investigation.
- Leadership or mentorship experience in secure software development teams.
Travel Requirements
This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible.
EEO Statement
Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance.
As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws.
We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience.
Equal Opportunity Employer/Veterans/Disabled
U.S. Work Authorization
Due to federal contract requirements, only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off
- Family Leave (Maternity, Paternity)
- Short-Term & Long-Term Disability
- Training & Development