DevSecOps (DSO) Engineer

About The Position

Requirements

• Bachelor’s degree in computer science, information systems, or related field
• 8+ years of DevSecOps, information technology, software development, or build management
• Experience coding or scripting
• Experience designing and using container systems such as Docker, Kubernetes, Incus, LXC
• Experience designing and implementing DevSecOps pipelines in a highly regulated cloud environment
• Experience setting up, configuring, and monitoring Virtual Machine environments like VMWare
• Experience working with Kubernetes, including Services, Ingresses, ConfigMaps, and Secrets
• Experience deploying and maintaining applications in cloud systems like Amazon AWS, EKS, Azure, and AKS.
• Experience with Windows and Linux system administration, including Bash and PowerShell
• Strong understanding of networking
• Experience with all phases of the software development lifecycle
• Experience with CI/CD pipeline tooling including build, test, code scanning, deployment
• Experience deploying to production environments
• Understanding of continuous monitoring, security scanning, container image scanning, identity management, PKI, IaC, CaC
• Experience with tools such as SonarQube, Parasoft, Fortify, Nessus, Git, JFrog Artifactory, Sonatype Nexus, Jenkins, GitHub, Gitlab, Helm, Atlassian Bitbucket, and Jira
• Ability to lead and mentor others
• Strong communication skills both written and verbal
• Ability to present ideas and concepts effectively
• Ability to work independently and with team members
• Experience utilizing software configuration management
• Experience with Agile or Lean software development methodologies
• Must be a US citizen and with the ability to obtain and maintain a US Government Security Clearance

Nice To Haves

• Experience with government DevSecOps best practices
• Experience with Azure GCC High
• Strong practical experience using GitHub, JFrog Artifactory, and SonarQube
• CompTIA Security+ Certification
• Entra ID experience
• Database replication and data obfuscation experience
• Experience migrating from on-premises environments to Azure GCC High
• Experience with ArgoCD
• Experience authoring Helm charts
• Superior analytical and problem-solving abilities
• Capability of writing and troubleshooting application code in at least one programming or scripting language
• Cloud, Security, or IT Certification
• Experience with both cloud and on-prem development
• Experience working with Cyber Security processes
• 10+ years of software development or information systems experience
• Software quality assurance experience

Responsibilities

• Works with multiple engineering and IT disciplines to ensure software and systems are designed, built, and fielded in a secure, compliant manner
• Works with development to modernize the architecture of existing software applications
• Designs, implements, manages, and documents DevSecOps pipeline tooling from end-to-end while following established SDL, government, and industry standards
• Helps establish secure reusable solutions and processes
• Supports a Software Factory via build pipelines and associated tooling
• Designs, builds, and configures a CMMC-compliant Linux environment in Azure GCC High
• Provides support for development and production of enterprise database-backed web applications
• Provides support for development and production of data engineering workloads
• Assists in migrating the current on-premises system to the GCC High environment
• Collaborates closely with the team and be responsible for CI and automation to ensure alignment with the GCC High environment and deployment processes
• Sets up monitoring and logging for the GCC High environment
• Provides guidance on best practices and industry standards to support decision making
• Maintains strict confidentiality of sensitive information

Benefits

• SDL offers competitive salaries and a comprehensive benefits package
• Visit our Benefits Page to learn more about what we offer.
• At SDL, we strive to uphold a culture of respect, collaboration, empowerment, and accountability.