DevSecOps Engineer (Secret)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Job Alert
You will be updated with latest job alerts via email
Job Description
We connect our employees with some of the best opportunities around.
Time and time again, our employees tell us that the most important thing we offer is respect. Federal Staffing Solutions puts people to work in all types of jobs. When you work with us, you build a relationship with a team of employment professionals in your community who have, in turn, built personal relationships with the businesses that are hiring.
We are looking for a DevSecOps Engineer to work onsite in Ashburn, VA supporting our client.
Requirements:
- Requires a BS degree and 12 years of prior relevant experience or Masters with 10 years of prior relevant experience.
- 5 years of experience in Cyber Security.
- 2+ years of hands on experience in implementing/maintaining security in a CI/CD pipeline.
- Experience in the design and automation of security tools and processes.
- The candidate should possess solid programming skills in the following programing and markup languages: Java, .Net, Python, Visual Basic, Powershell, Bash, C++, Javascript, HTML, CSS
- Possess the technical skills and experiences with Cloud Service (AWS, Azure, etc.), continuous delivery systems, and the ability to enhance SOC operations through automation.
- Performing integrated quality assurance testing for security functionality and resiliency to attacks
- Security-oriented programming, identifying potential flaws in codes to mitigate vulnerabilities.
- Applying coding and testing standards, security testing tools (including fuzzing static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews.
- Performing or supporting penetration testing as required for new or updated applications.
- Recognizing security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
- Participating in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance.
- Applying plan, code, build, test, release, deploy, and monitor process when writing software to automate CBP SOC security tasks
- Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
- Excellent problem solving, analytical skills and technical troubleshooting skills
- Ability to work with customers/stakeholders, developers, testers, project managers, support staff
- Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment
- Working knowledge of encryption algorithms, secure communications, and network/data communication protocols.
- Familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
- Prior experience with the CRAMS tool to include:
- Onboarding specific CBP Directorates into the CRAMS Tool
- Developing training materials for use of CRAMS within CBP s network
- Familiarity with DHS/CBP ATO Process
- Clearance: A Secret Clearance is required with the ability to obtain a Top Secret SCI. In addition to specific security clearance requirements all CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program
- AWS Solutions Architect, DevOps Certs, RHCE -
- Orchestration of Cloud infrastructure (Infrastructure as Code) -
- Advance Degree in Computer Science or Computer Engineering -
- Prior DevOps experience with CBP s Cybersecurity Directorate
Essential Requirements: A Secret Clearance is required with the ability to obtain a Top Secret SCI
Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without reasonable accommodation. While performing the duties of this job, the employee will regularly sit, walk, stand and climb stairs and steps. May require walking long distance from parking to work station. Occasionally, movement that requires twisting at the neck and/or trunk more than the average person, squatting/ stooping/kneeling, reaching above the head, and forward motion will be required. The employee will continuously be required to repeat the same hand, arm, or finger motion many times. Manual and finger dexterity are essential to this position. Specific vision abilities required by this job include close, distance, depth perception and telling differences among colors. The employee must be able to communicate through speech with clients and public. Hearing requirements include conversation in both quiet and noisy environments. Lifting may require floor to waist, waist to shoulder, or shoulder to overhead movement of up to 20 pounds. This position demands tolerance for various levels of mental stress.
Job Duties:
- Cloud technology -
- Internet servers
- Application whitelisting -
- Virtualized containers
- Web-enabled database applications
- Network security -
- Security engineering
- Data integrity
- Intrusion detection
- Firewall management
- Forensic and legal information security
- Virtual private networks
- Public Key Infrastructure (PKI) / Digital Signatures
- Encryption
- Network Security Architecture
- DHS Policy
- Champion security by injecting security concerns into the existing development workflow;
- Build security thinking into every stage of software development.
- Coordinate with teams across the enterprise on the migration of existing IT services to the cloud;
- Identify security technical requirements, potential problems and issues, and participate on agile software development teams.
- Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts.
Employment Type
Full Time
