SecDevOps Engineer

About The Position

Requirements

• Version Control Systems Proficiency with Git
• Advanced knowledge of GitLab, including CI/CD pipelines, merge requests, and issue tracking
• Familiarity with branching, promotion, and release strategies (such as SemRel)
• Familiarity using internalized registries and repositories (Nexus dependency management, internal container registries, etc.)
• GitLab CI/CD
• GitLab runners (configuration and management)
• GitLab components (Or generally developing and utilizing templates for CI/CD jobs in any platform, such as GitHub Actions)
• Demonstrated proficiency with AWS (Lambda, EC2, S3, EBS/EFS, ECS, EKS, SNS, CloudWatch)
• Docker (building, deploying, and managing containers)
• Kubernetes (orchestration, deployment strategies, security, troubleshooting)
• Container security best practices Including container hardening strategies, such as maintaining a secure “golden” image
• Deploying and managing container-based runners hosted on EKS
• GitOps tools and deployment principles (such as ArgoCD/Flux)
• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Interactive Application Security Testing (IAST)
• Software Composition Analysis (SCA)
• Container scanning tooling (Trivy, Prisma/Twistlock, Neuvector, etc..)
• Terraform (writing, managing, and optimizing Terraform configurations)
• Other IaC tools (e.g., CloudFormation, Ansible)
• Proficiency in scripting languages (e.g., Python, Bash)
• Basic to intermediate programming skills
• Experience working with a Linux-based shell, managing way around a Linux-based system
• Ability to work well in a paired programming environment at times
• Creating and maintaining automated security checks and remediations
• Integrating security into automated deployment processes
• Incorporating linting tooling into development processes
• Incorporating unit & performance testing into deployment processes

Nice To Haves

• GitLab certification desired but not required
• AWS certification desired but not required

Responsibilities

• Build GitLab-based DevSecOps automated pipelines into AWS gov cloud
• Support and enable application delivery times on CI/CD platform
• Manage and operate GitLab CI/CD