HPCC Sr Dev Sec Ops Engineer- Secret Required- Onsite, Orlando,FL

Lockheed Martin•Orlando, FL

1d•Onsite

About The Position

We are seeking an experienced and motivated Sr. DevSecOps Engineer. The DevSecOps Engineer will be responsible for new and existing HPC production and development environments. Deployment of new tools, infrastructure security, monitoring, auto-recovery, performance tuning and installation/configuration of applications. The DevSecOps Engineer plays a pivotal role in establishing secure workflows and patterns for end-to-end application lifecycle management. The ideal candidate for this position has worked in agile software development environments, taking ownership of their tasks/stories, and contributing to various products. At times, they may need to work closely with the architects and process owners who have designed the solutions to firm up requirements or perform testing. Other responsibilities include: Containerization and automation of existing and new applications in airgap environments. Identifying and resolving technical challenges through innovative software solutions. Working with software developers and engineers to create secure repeatable DevSecOps workflows and patterns. Ensure the success of complex security requirements and compliance for container environments, CI/CD, DevOps, Infrastructure, and Kubernetes initiatives in classified environments. Documenting infrastructure configurations, processes, and procedures. Automating repetitive tasks to increase efficiency and reduce errors in the image hardening process. Developing best practices to increase the velocity of secure image updates and patch management. Implementing and managing automated compliance scanning tools (SAST/DAST/Fuzzing) within the build pipeline. Implementing Infrastructure as Code (IaC) using Terraform or similar tools to stand up secure environments.

Requirements

Current US DoD SECRET clearance.
Proficiency with git and version control systems (Github, GitLab) in a team setting.
Experience with containerization (Podman, Docker, Kubernetes) and container security.
Experience designing infrastructure as code solutions using Terraform and Ansible.
Experience with CI/CD tooling (GitHub Actions, GitLab CI, Jenkins, ArgoCD, FluxCD, or similar).
Experience with Linux (RHEL, RockyOS) administration and hardening.
Knowledge of DevSecOps processes and software supply chain security (SBOMs, signing, verification)
Knowledge of software development lifecycle and SDLC promotion strategies.
Knowledge of secrets management platforms and software ( HashiCorp Vault, SOPS, HSM ).
Knowledge of virtualization technologies ( VMWare ).

Nice To Haves

Experience using Helm, FluxCD, ArgoCD, Version Control, and Harness for deploying and managing kubernetes clusters in airgap environments using GitOps best practices to manage cluster state and bootstrap new clusters.
Experience deploying and managing HashiCorp Vault and Vault Secrets Operator.
Experience with Elasticsearch or equivalent applications for monitoring and alerting such as Prometheus and Grafana or Splunk.
Some experience containerizing Node.js and Go based applications.

Responsibilities

Containerization and automation of existing and new applications in airgap environments.
Identifying and resolving technical challenges through innovative software solutions.
Working with software developers and engineers to create secure repeatable DevSecOps workflows and patterns.
Ensure the success of complex security requirements and compliance for container environments, CI/CD, DevOps, Infrastructure, and Kubernetes initiatives in classified environments.
Documenting infrastructure configurations, processes, and procedures.
Automating repetitive tasks to increase efficiency and reduce errors in the image hardening process.
Developing best practices to increase the velocity of secure image updates and patch management.
Implementing and managing automated compliance scanning tools (SAST/DAST/Fuzzing) within the build pipeline.
Implementing Infrastructure as Code (IaC) using Terraform or similar tools to stand up secure environments.