Sr. DevSecOps Engineer I (6095)
About The Position
As Sr. DevSecOps Engineer I, you’ll play a critical role in designing, implementing, and maintaining secure and efficient software development and deployment pipelines. You will collaborate with cross-functional teams to integrate security practices seamlessly into the development and operations lifecycle, ensuring the delivery of high-quality, secure, and reliable software solutions. We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers. If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!
Requirements
- Active TS/SCI with CI Poly.
- Security+, or equivalent certification that satisfies DoD 8140/8570.
- 4+ years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle.
- Expert experience with DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium, Fortify, Acunetix, and Prisma Cloud)
- Strong experience with containerization and orchestration technologies (e.g.,Docker and Kubernetes/OpenShift).
- Strong experience with infrastructure-as-code (IaC) tools (e.g.,Terraform, CloudFormation, or Ansible).
- Strong experience in scripting languages for automation and tool integration (e.g., Python, Bash).
- Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST).
Responsibilities
- Collaborate with development, operations, and security teams, and with software engineers, to integrate security practices into the software development lifecycle, provide guidance on secure coding practices, and assist in remediation of security findings.
- Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks, and develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components.
- Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure, monitor and analyze system and application logs to detect and respond to security incidents, and participate in incident response activities to investigate and mitigate security incidents in a timely manner.
- Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place, and contribute to the development and maintenance of security policies, procedures, and documentation.
Benefits
- Health, dental, and vision insurance
- 401(k) retirement plan with company match
- Paid time off (PTO) and holidays
- Parental Leave and dependent care
- Flexible work arrangements
- Professional development opportunities
- Employee assistance and wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
