Sr. DevSecOps Engineer

About The Position

Requirements

• 5+ years of relevant experience.
• U.S. Citizenship is required to obtain and maintain a Public Trust.
• Version Control Systems
• Proficiency with Git
• Advanced knowledge of GitLab, including CI/CD pipelines, merge requests, and issue tracking
• Familiarity with branching, promotion, and release strategies (such as SemRel)
• Familiarity using internalized registries and repositories (Nexus dependency management, internal container registries, etc.)
• CI/CD
• GitLab CI/CD
• GitLab runners (configuration and management)
• GitLab components (Or generally developing and utilizing templates for CI/CD jobs in any platform, such as GitHub Actions)
• Cloud Platforms
• Demonstrated proficiency with AWS (Lambda, EC2, S3, EBS/EFS, ECS, EKS, SNS, CloudWatch)
• Containerization
• Docker (building, deploying, and managing containers)
• Kubernetes (orchestration, deployment strategies, security, troubleshooting)
• Container security best practices
• Including container hardening strategies, such as maintaining a secure “golden” image
• Deploying and managing container-based runners hosted on EKS
• GitOps tools and deployment principles (such as ArgoCD/Flux)
• Security Testing
• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Interactive Application Security Testing (IAST)
• Software Composition Analysis (SCA)
• Container scanning tooling (Trivy, Prisma/Twistlock, Neuvector, etc..)
• Infrastructure as Code (IaC)
• Terraform (writing, managing, and optimizing Terraform configurations)
• Other IaC tools (e.g., CloudFormation, Ansible)
• Scripting and Programming
• Proficiency in scripting languages (e.g., Python, Bash)
• Basic to intermediate programming skills
• Experience working with a Linux-based shell, managing way around a Linux-based system
• Ability to work well in a paired programming environment at times
• Automation
• Creating and maintaining automated security checks and remediations
• Integrating security into automated deployment processes
• Incorporating linting tooling into development processes
• Incorporating unit & performance testing into deployment processes

Nice To Haves

• GitLab certification
• AWS certification

Responsibilities

• Help build GitLab-based DevSecOps automated pipelines into AWS gov cloud
• Support and enable application delivery times on CI/CD platform
• Manage and operate GitLab CI/CD.

Benefits

• Paid Time Off & Holiday Pay
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Disability, Life Insurance, and AD&D
• Flexible Spending Accounts
• Pre-Tax 401K and/or After-Tax Roth IRA (with employer matching contribution)
• Tuition and Technical Training Reimbursement
• Exercise Reimbursement
• Computer Reimbursement
• Employee Assistance Program