Security Transformation Practitioner

About The Position

Requirements

• Bachelor’s degree or equivalent experience and minimum 8 years prior relevant experience, or Master’s degree in a related field and minimum 5 years of experience.
• Solid understanding of Linux/Unix Administration.
• Experience with containerization and orchestration technologies, particularly Docker and Kubernetes.
• Proficient in one or more computer programming languages commonly used in scripting & automation. IE: Bash, Python, Go, Rust
• Proficient in applying DISA STIGs within cloud and containerized environments.
• Demonstrated experience in automating deployments and developing infrastructure as code (IaC).
• Strong background in DevOps practices and tools, including Jenkins, Git, Ansible, and Terraform.
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Effective communication skills, both written and verbal, with the ability to present technical information to a non-technical audience.
• Possess and maintain relevant DoD 8570/8140 IAT level II Certification.
• Possess one or more of the following certifications: AWS DevOps Professional, Certified Kubernetes Security Specialist, GIAC Cloud Security Automation (GCSA), Certified DevSecOps Professional (CDP).
• An active TS/SCI is required

Nice To Haves

• Preferred candidate has a background in incident response and/or DevSecOps.
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Effective communication skills, both written and verbal, with the ability to present technical information to a non-technical audience.

Responsibilities

• Design, deploy, and manage security solutions (Scanning, IDS/IPS, NIDS/NIPS, SIEM) in a hybrid environment.
• Empower developers and data scientists’ customers to move fast while championing security at the start, understand friction points and implement solutions.
• Make sure appropriate measures are implemented for secure application development and supply chain protection.
• Research and recommend technical solutions to various controls by understanding NIST 800-53 Risk Management Framework (RMF) and CNSSI 1253 & assist in developing policies, procedures and guidelines.
• Lead the effort in closing out Plan of Action & Milestones (POA&M) items that are associated with technology-related control items and findings.
• Responsible for implementing security solutions within container orchestration technologies such as Docker and Kubernetes.
• Conducting risk assessments and vulnerability assessments via implementing CI jobs to scan for various security defects such as SAST, DAST & container scanning.
• Apply DISA STIGs to ensure compliance with security standards and policies.
• Collaborating with other IT professionals to ensure that security is integrated into all aspects of the organization's IT infrastructure.
• Stay abreast of latest security threats, tools and techniques and recommend defense in depth strategies to mitigate risk to the organization.
• Provide mentorship and guidance to the team on cybersecurity best practices and basic cyber hygiene.

Benefits

• Accenture Federal Services offers a wide variety of benefits.