Information Systems Security Officer w/ DevSecOps exp.- TS/SCI security clearance required

About The Position

Requirements

• Bachelors Degree or equivalent experience and minimum 8 years prior relevant experience, or An Advanced Degree in a related field and minimum 5 years experience.
• Solid understanding of Linux/Unix Administration.
• Experience with containerization and orchestration technologies, particularly Docker and Kubernetes. Proficient in one or more computer programming languages commonly used in scripting & automation. IE: Bash, Python, Go, Rust
• Proficient in applying DISA STIGs within cloud and containerized environments.
• Demonstrated experience in automating deployments and developing infrastructure as code (IaC).
• Strong background in DevOps practices and tools, including Jenkins, Git, Ansible, and Terraform.
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Effective communication skills, both written and verbal, with the ability to present technical information to a non-technical audience.
• Possess and maintain relevant DoD 8570/8140 IAT level II Certification.

Nice To Haves

• Preferred candidate has a background in incident response and/or DevSecOps.
• Possess one or more of the following certifications: AWS DevOps Professional, Certified Kubernetes Security Specialist, GIAC Cloud Security Automation (GCSA), Certified DevSecOps Professional (CDP).

Responsibilities

• Design, deploy, and manage security solutions (Scanning, IDS/IPS, NIDS/NIPS, SIEM) in a hybrid environment.
• Research and recommend technical solutions to various controls by understanding NIST 800-53 Risk Management Framework (RMF) and CNSSI 1253 & assist in developing policies, procedures and guidelines.
• Lead the effort in closing out Plan of Action & Milestones (POA&M) items that are associated with technology-related control items and findings.
• Responsible for implementing security solutions within container orchestration technologies such as Docker and Kubernetes.
• Conducting risk assessments and vulnerability assessments via implementing CI jobs to scan for various security defects such as SAST, DAST & container scanning.
• Apply DISA STIGs to ensure compliance with security standards and policies.
• Collaborating with other IT professionals to ensure that security is integrated into all aspects of the organization's IT infrastructure.
• Stay abreast of latest security threats, tools and techniques and recommend defense in depth strategies to mitigate risk to the organization.
• Provide mentorship and guidance to the team on cybersecurity best practices and basic cyber hygiene.

Benefits

• Health and Wellness Benefits Medical Insurance (three CareFirst healthcare plans to choose from, Dental and Vision Insurance, 75% covered for employee/ 50% per dependant Health Savings Account (HSA) contributions $1500 individual/ $3000 family
• Personal Insurance Benefits Company-paid Life Insurance and AD&D coverage Company-paid Short-term and Long-term Disability Insurance
• Paid Leave Employees receive 20 days of vacation/10 holidays built into hourly rate/ 5 days of sick time (currently used for snow, jury, bereavement)
• Retirement Pre-tax 401k program including 6% company match 100% fully vested from eligibility date Eligible after 90 days of employment