Principal Cloud Developer with DevSecOps Experience

About The Position

Requirements

• 5+ years of experience in IT system engineering, systems development, systems coding and programming
• Strong experience implementing and supporting end-to-end automated DevSecOps pipelines (CI/CD) and processes
• Strong background in Infrastructure as code
• Knowledge of large-scale infrastructure migration methodologies and techniques (IaaS/PaaS) including application migrations to cloud platforms (AWS)
• Experienced in developing, testing, and maintaining containerized applications
• Comprehensive knowledge of security compliance and security control
• This role will require Linux knowledge
• Experienced in using DevSecOps implementation using Jenkins, Gitlab, or similar tools
• Excellent presentation and communication (oral and written) skills
• Consultant mindset with the ability to work with high level customer stakeholders and build excellent customer relationship
• Experience identifying and applying industry tools, solutions, methods best practices, and emerging technologies
• Strong analytical skills and problem-solving skills with the ability to formulate and communicate recommendations for improvement
• Demonstrated ability to work effectively, independently, and as part of a team
• At least one certification at any level for one or more of the following cloud platforms is required: Microsoft Azure, Google Cloud Platform, Amazon Web Services (AWS), or Oracle Cloud
• Must be able to pass a background check to obtain a position of Public Trust.
• Must be US Person (Green Card Holder, US Permanent Resident Alien, Refugee, Asylee, or US Citizen)

Nice To Haves

• Cloud Development
• DevOps
• Linux

Responsibilities

• Provide DevSecOps platform services that integrate security, compliance, and monitoring into all phases of cloud infrastructure and data products lifecycle management
• Integrate IT Security Office approved-automated security controls, orchestrating vulnerability management, administering policy compliance, and providing continuous monitoring
• Maintain secure and stable systems that enable continuous integration and delivery and reduce operational risk and support enterprise agility
• Perform continuous scanning of all source and executable repositories for evolving threats detected after services are implemented
• Ensure all code and IaC changes are version-controlled, peer-reviewed, security-scanned, and approved before promotion to production
• Maintain continuous monitoring and alerting for all production deployments, with rollback procedures in place
• Provide CI/CD pipeline and workflows for building, testing, and deploying.
• Promote workloads across environments with automated controls and approvals
• Integrate security and compliance checks into CI/CD pipelines
• Document all DevSecOps processes, standards, and toolset configurations, and maintain version-controlled documentation accessible to stakeholders
• Integrate change control gates into the automated CI/CD workflow, with appropriate controls to prevent unauthorized or unreviewed code deployments to production
• Coordinate with AO teams to establish and maintain standards for DevSecOps processes and toolsets, ensuring integration and interoperability across the enterprise ecosystem
• Facilitate integration with third-party development, operations, and security tools to enable end-to-end visibility and control
• Provide comprehensive end-user guides and training content for containerized pipeline features and security practices for the development team members.
• Conduct regular review and updates of DevSecOps practices and toolsets to incorporate emerging technologies, threat intelligence, and lessons learned
• Create DevSecOps metrics reports (example: deployment frequency, mean time to resolution, vulnerability remediation time) to demonstrate effectiveness and drive improvement

Benefits

• 401K with company match
• competitive pay
• paid time off
• variety of medical plan options
• dental plan options
• a vision plan
• full flex work weeks where possible
• vacation
• sick and personal time
• holidays
• paid parental
• military
• bereavement
• jury duty leave
• Paid Family Leave program
• short and long-term disability benefits
• life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance