Sr DevSecOps Engineer 5773

As a Sr. DevSecOps Engineer youll play a critical role in designing implementing and maintaining secure and efficient software development and deployment pipelines. You will collaborate with crossfunctional teams to integrate security practices seamlessly into the development and operations lifecycle ensuring the delivery of highquality secure and reliable software solutions.

We know that you cant have great technology services without amazing people. At MetroStar we are obsessed with our people and have led a twodecade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us then check out the job description below!

What youll do:

• Collaborate with development operations and security teams to integrate security practices into the software development lifecycle.
• Design implement and maintain CI/CD pipelines that incorporate automated security testing vulnerability scanning and compliance checks.
• Develop and maintain infrastructure as code (IaC) templates and configurations ensuring security best practices are applied to cloud resources and infrastructure components.
• Perform regular security assessments code reviews and penetration testing to identify and address vulnerabilities and weaknesses in applications code and infrastructure.
• Monitor and analyze system and application logs to detect and respond to security incidents.
• Implement and manage identity and access management (IAM) solutions ensuring appropriate authentication and authorization mechanisms are in place.
• Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.
• Participate in incident response activities helping to investigate and mitigate security incidents in a timely manner.
• Contribute to the development and maintenance of security policies procedures and documentation.

What youll need to succeed:

• Active TS/SCI Clearance with CI poly.
• At least 10 years of experience as a DevSecOps Engineer or similar role with a focus on integrating security into the software development lifecycle.
• Expert experience with DevOps practices CI/CD pipelines and automation tools (e.g. Jenkins GitLab CI/CD Artifactory SonarQube Selenium Fortify Acunetix and Prisma Cloud).
• Expert experience building DevSecOps solutions at scale across IL5 to IL6 classification domains
• Expert understanding of AWS and familiarity with other cloud platforms (e.g. Azure GCP) and securing cloudbased applications and services.
• Strong experience with infrastructure as code (IaC) tools such as Terraform CloudFormation or Ansible.
• Strong experience in scripting languages (e.g. Python Bash) for automation and tool integration.
• Handson experience with security tools for static code analysis dynamic application security testing (DAST) and vulnerability scanning using tools such as Fortify Acunetix and Prisma Cloud
• Knowledge of security best practices common vulnerabilities and exposure to security frameworks (e.g. OWASP NIST).