Senior Security DevOps Engineer

About The Position

Requirements

• Bachelor’s Degree or equivalent experience and minimum 8 years prior relevant experience, or Masters Degree in a related field and minimum 5 years of experience.
• Solid understanding of Linux/Unix Administration.
• Experience with containerization and orchestration technologies, particularly Docker and Kubernetes.
• Proficient in one or more computer programming languages commonly used in scripting & automation (e.g., Bash, Python, Go, or Rust).
• Proficient in applying DISA STIGs within cloud and containerized environments.
• Demonstrated experience in automating deployments and developing infrastructure as code (IaC).
• Strong background in DevOps practices and tools, including Jenkins, Git, Ansible, and Terraform.
• Possess and maintain relevant DoD 8570/8140 IAT level II.
• An active TS/SCI is required.

Nice To Haves

• Direct experience with Elasticsearch, Kibana (ELK) Stack deployment and maintenance to include fleet and agent setup.
• AWS Elastic Kubernetes Service (EKS) experience.
• Gitlab CI/CD pipeline engineering experience.
• Familiarity with one or more of Java/Kotlin/NPM programming languages.
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Effective communication skills, both written and verbal, with the ability to present technical information to a non-technical audience.
• Preferred candidate has a background in incident response and/or DevSecOps.

Responsibilities

• Design, deploy, and manage security solutions (Scanning, IDS/IPS, NIDS/NIPS, SIEM) in cloud environments as well as cloud air-gapped environments.
• Empower developers and data scientists to move fast while championing security at the start, understand friction points and implement solutions.
• Ensure appropriate measures are implemented for secure application development and supply chain protection.
• Research and recommend technical solutions to various controls by understanding NIST 800-53 Risk Management Framework (RMF) and CNSSI 1253 & assist in developing policies, procedures and guidelines.
• Lead the effort in closing out Plan of Action & Milestones (POA&M) items that are associated with technology-related control items and findings.
• Implement security solutions within container orchestration technologies such as Docker and Kubernetes.
• Conduct risk assessments and vulnerability assessments via implementing CI jobs to scan for various security defects such as SAST, DAST & container scanning.
• Apply DISA STIGs to ensure compliance with security standards and policies.
• Collaborate with other IT professionals to ensure that security is integrated into all aspects of the organization's IT infrastructure.
• Stay abreast of latest security threats, tools and techniques and recommend defense in depth strategies to mitigate risk to the organization.
• Provide mentorship and guidance to the team on cybersecurity best practices and basic cyber hygiene.

Benefits

• Hands-on experience
• Certifications
• Industry training
• Wide variety of benefits