DevSecOps Engineer

About The Position

Requirements

• Ability to obtain a U.S. government Security Clearance
• BS Degree in an IT field OR BS in a non-IT field and 2 years related IT experience
• 3 Years of Experience with AWS services to support applications setup and managing IAM permissions in AWS
• 3 Years of Experience with Git SCM providers such as GitHub, GitLab, Bitbucket
• 3 Years of Experience with one or more programming or scripting languages
• 3 Years of application DevSecOps Experience with actual/active development experience in an Agile environment
• 3 Years of Experience implementing docker containers and utilizing platforms such as Kubernetes
• 3 Years of Experience implementing infrastructure as code and orchestration
• 3 Years of Experience writing and maintaining CI/CD pipelines with tools such as Jenkins, GitLab CI/CD, GitHub Pipelines, CircleCI, TravisCI
• 3 Years of Experience integrating deployments with industry standard DevSecOps tooling and orchestration
• Experience integrating test automation including performance, security, and functional tests into CI/CD Pipelines
• Experience using Terraform or Cloud Formation to build out infrastructure in AWS
• Experience administering EKS clusters
• Experience with support application releases to EKS clusters
• Expereince with setup logging and monitoring
• Experience automating backup and restore process
• Experience with setup automation needed for data ingestion
• Experience with support patching and maintenance for EKS clusters and VM instances
• Experience with support ATO by providing supporting artifacts and documentation
• Experience with ATO process specifically for government systems hosted in the cloud
• Proficiency in NIST SP 800-53 controls, DISA STIGs, SRGs, vulnerability scanning (e.g., ACAS, SCAP), and tools like eMASS
• Experience drafting key ATO documents
• Knowledge of AWS gov cloud environments
• Must posess one of the following industry certifications: Security+, AWS CCP or better, Azure AZ- 900 or better

Nice To Haves

• Experience implementing Automated Testing frameworks including Selenium
• DOD federal government experience
• Excellent written and verbal communication skills, interpersonal and collaborative skills
• Experience with documenting an as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations preferred
• Experience with scripting in Concourse, Bash, PowerShell, Python, Groovy, or Ruby
• Experience with automation tools, including Pivotal, Chef, Terraform, CloudFormation, or Ansible

Responsibilities

• Establishing development tools and infrastructure for automation
• Understanding the needs of stakeholders and conveying this to developers
• Automate and improve development, testing, deployment, and release processes
• Testing and examining code written by others and analyzing results
• Ensuring that systems are safe and secure against cybersecurity threats
• Identifying technical problems, performing root cause analysis, and developing software updates and ‘fixes’
• Working with software developers and software engineers to ensure that development follows established processes and works as intended
• Support enterprise Cloud applications or infrastructure through infrastructure as code including any activities around automated server or network configurations, large-scale software deployments, and monitoring and testing, such as CI/CD
• Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
• Leverage virtualization and containerization to optimize and modernize software systems
• Act as an individual contributor and mentor more junior team members
• Work with teams to bring continuous improvement to DevSecOps processes and tools.
• Engineer and implement solutions and provide recommendations for continuous improvement for the services provided
• Present regular status updates and provide cross training to other DevOps team members.