RockvilleMDRecruiter Since 2001
the smart solution for Rockville jobs

DevOps Security Engineer

Company: ALTA IT Services
Location: Rockville
Posted on: November 16, 2021

Job Description:

Job Description DevOps Security Engineer 100% Remote Contract to Hire Permanent Per our Federal Government Contract, candidates must be a US Citizen, Green Card or EAD holder All candidates must be able to pass a drug screen and criminal state/federal background check prior to starting We are searching for a hands-on DevSecOps Engineer to support a federal project where some of the most complex government, defense, and intelligence projects across the country are underway. As a DevSecOps Engineer, you will be responsible for bringing development, security, and operations together to create a robust security approach for an Enterprise Hosting Program. This program focuses on delivering infrastructure services to host custom business and scientific applications in research facilities and in the cloud. You'll serve as the principle technical advisor and subject matter expert, focusing on shifting left with security and automating security best practices. We are looking for someone that has the drive and dedication to continuously improve the DevSecOps service offerings, be capable of leading deep technical discussions, and approach securing infrastructure and applications by automating processes and building tools. Responsibilities: Developing and implementing continuous integration and continuous delivery (CI/CD) pipelines to automate and shift left with security for the deployment of infrastructure and application code. Writing and reviewing infrastructure as code to ensure compliance with NIH baselines, NIST cybersecurity frameworks, and FISMA guidelines. Monitoring, coordinating, reporting the status, and responding to alerts for compliance violations, threats, and vulnerabilities reported by vendors and CISA or found using tools such as Tenable, Splunk, FireEye, Carbon Black, and Netsparker. Serving as a subject matter expert within the Enterprise Hosting Program to collaborate with and guide infrastructure engineers to build secure infrastructure services, address new and critical security vulnerabilities, and enhance cybersecurity best practices across the program by automating and developing streamlined processes. Working closely with senior leaders to develop a comprehensive, agile, and innovative DevSecOps program that supports all phases of the software development lifecycle, identifies and effectively manages risk, and establishes a user-friendly cybersecurity culture. Participating in a daily stand-up meeting to report your accomplishments, plans for the day, and any roadblocks you encountered. Your team will do the same, giving you an opportunity to understand and contribute to other ongoing initiatives. Occasionally presenting to our program or our software developer colleagues, on DevSecOps best practices and ways to solve challenging technical issues with agile security tools and practices. Required Qualifications: Per our Federal Government Contract, candidates must be US Citizens or Green Card holders. BA/BS or equivalent and eight years related experience or a MS and six years' experience. Minimum of five years hands-on experience and subject matter expertise with enterprise infrastructure, such as recent versions of Windows server and RedHat Linux, F5 BigIP application services, DNS, Active Directory, Group Policy, Enterprise SQL and Postgres databases, and VMware to include VMware NSX. Minimum of five years of experience with DevSecOps tools to automate the integration of security at every phase of the software development lifecycle, from initial design through integration, testing, deployment, and product delivery. Examples of tools include Azure DevOps, GoCD, Jenkins, Maven, Codacy, GitHub, Sonarqube, Terraform, Vault, and OWASP ZAP. Experience with network and system security tools, including web application firewalls, endpoint protection, application vulnerability scanning, encryption protocols, security information and event management, and identity and access management. Knowledge of and the ability to explain cybersecurity processes and concepts, such as threats, vulnerabilities, encryption, network boundary defense, zero trust, SOAR, authentication, security certification and accreditation, and risk management framework. Experience designing solutions and implementing technologies following NIST standards, such as SP 800-53, SP 800-190, and SP 500-291. Hands-on experience with scripting languages such as Powershell, Python or Bash, and infrastructure as code tools such as Terraform to include writing scripts and modules from scratch. Experience analyzing solutions components, understanding systems integration challenges, and identifying security risks in current components that must be resolved to reach security targets and functionality requirements in enterprise infrastructure. Ability to get and maintain a NIHPublic Trust Preferred Qualifications: Experience with common AWS services, such as EC2, S3, RDS, VPC, Cloud Watch, Cloud Trail, and IAM. Experience configuring and securing containers and container orchestration solutions such as Docker and Kubernetes. Experience developing workflows in ServiceNow to integrate DevSecOps toolchains to provide data insights, accelerate change, and increase visibility across DevOps teams. Knowledge of Trusted Internet Connection (TIC) 3.0 policy and recommended frameworks Company Description ALTA is a highly successful, rapidly growing IT staffing firm with a diverse client base. We were ranked the largest staffing firm in the Washington Business Journal. Our clients have been with us for many years due to the quality of our staff and the level of service received. We are looking to expand our team with people that can carry on our tradition of excellence.

Keywords: ALTA IT Services, Rockville , DevOps Security Engineer, Engineering , Rockville, Maryland

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Maryland jobs by following @recnetMD on Twitter!

Rockville RSS job feeds