Sr. Cloud Developer with DevSecOps experience

About The Position

Requirements

• 5+ years of experience in IT system engineering, systems development, systems coding and programming.
• Strong experience implementing and supporting end-to-end automated DevSecOps pipelines (CI/CD) and processes.
• Strong background in Infrastructure as code.
• Knowledge of large-scale infrastructure migration methodologies and techniques (IaaS/PaaS) including application migrations to cloud platforms (AWS).
• Experienced in developing, testing, and maintaining containerized applications.
• Comprehensive knowledge of security compliance and security control.
• Excellent presentation and communication (oral and written) skills
• Consultant mindset with the ability to work with high level customer stakeholders and build excellent customer relationship
• Experience identifying and applying industry tools, solutions, methods best practices, and emerging technologies
• Strong analytical skills and problem-solving skills with the ability to formulate and communicate recommendations for improvement
• Demonstrated ability to work effectively, independently, and as part of a team

Nice To Haves

• Experienced in using DevSecOps implementation using Jenkins, Gitlab, or similar tools.
• Certification for one or more of the following cloud platforms: Microsoft Azure, Google Cloud Platform, Amazon Web Services (AWS), and Oracle Cloud.

Responsibilities

• Provide DevSecOps platform services that integrate security, compliance, and monitoring into all phases of cloud infrastructure and data products lifecycle management
• Integrate IT Security Office approved-automated security controls, orchestrating vulnerability management, administering policy compliance, and providing continuous monitoring
• Maintain secure and stable systems that enable continuous integration and delivery and reduce operational risk and support enterprise agility
• Perform continuous scanning of all source and executable repositories for evolving threats detected after services are implemented
• Ensure all code and IaC changes are version-controlled, peer-reviewed, security-scanned, and approved before promotion to production
• Maintain continuous monitoring and alerting for all production deployments, with rollback procedures in place
• Provide CI/CD pipeline and workflows for building, testing, and deploying.
• Promote workloads across environments with automated controls and approvals
• Integrate security and compliance checks into CI/CD pipelines
• Document all DevSecOps processes, standards, and toolset configurations, and maintain version-controlled documentation accessible to stakeholders
• Integrate change control gates into the automated CI/CD workflow, with appropriate controls to prevent unauthorized or unreviewed code deployments to production
• Coordinate with AO teams to establish and maintain standards for DevSecOps processes and toolsets, ensuring integration and interoperability across the enterprise ecosystem
• Facilitate integration with third-party development, operations, and security tools to enable end-to-end visibility and control
• Provide comprehensive end-user guides and training content for containerized pipeline features and security practices for the development team members.
• Conduct regular review and updates of DevSecOps practices and toolsets to incorporate emerging technologies, threat intelligence, and lessons learned
• Create DevSecOps metrics reports (example: deployment frequency, mean time to resolution, vulnerability remediation time) to demonstrate effectiveness and drive improvement

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year.
• Paid leave and paid holidays are prorated based on the employee's date of hire.
• The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.