JOB TYPE: FULL-TIME
COMPETITIVE SALARY, COMPREHENSIVE BENEFITS, AND A COMPANY THAT CARES!
THIS POSITION IS CONTINGENT UPON FUNDING.
Relocation May Be Considered
AUSGAR Technologies Inc., an EOE Disabled/Veterans employer, is an established Service-Disabled Veteran-Owned Small Business (SDVOSB) Department of Defense government contractor with core competencies in Information Assurance, Cyber Security, and Systems Engineering. With offices on both the East and West coasts, an inviting culture, and above-standard benefits, opportunity abounds for the right individual!
Software/Container Security Engineer CONTINGENT - San Diego, California
AUSGAR Technologies has an exciting NEW CONTINGENT opportunity for a Software/Container Security Engineer to join our team of smart and innovative technical team members working in the Point Loma area of San Diego, California.
This key role is responsible for oversight of Container Information Security for NIWC PAC in Point Loma, CA. Will identify potential security configuration and other risks and vulnerabilities in the container environment. Will provide container vulnerability assurance inclusive of compliance with configuration requirements, security controls, and improvements.
Job Responsibilities:
Core Security Expertise
o Application Security Fundamentals
- Experience with static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools and processes.
- Understanding of common web application vulnerabilities (OWASP Top 10, SANS Top 25).
- Understanding of API security best practices (REST, GraphQL).
- Knowledge of secure coding principles and best practices for the Java programming language.
o General Security Concepts
- Risk assessment and management.
- Identity and Access Management (IAM) principles and best practices (RBAC, ABAC, least privilege).
- Data security and privacy principles (encryption in transit/at rest, data classification).
- Security logging, monitoring, and incident response fundamentals.
Container & Orchestration Security
o Containerization Technologies
- Experience with container registries (e.g., Docker Hub, Quay, Azure Container Registry, ECR, GCR) and securing them.
- Expertise with Docker container runtimes (containerd, Podman) and image best practices (multi-stage builds, minimal images).
- Understanding of container networking and storage security.
o Kubernetes/OpenShift Security
- Experience hardening Kubernetes clusters (e.g., kube-bench, CIS benchmarks).
- Experience with securing Kubernetes workloads and configurations.
- Knowledge of Kubernetes security primitives (Network Policies, Pod Security Policies/Admission Controllers, Service Accounts, Secrets, RBAC).
- Understanding of Kubernetes admission controllers and how to leverage them for security enforcement.
o Container Security Tools
- Hands-on experience with container image scanning tools (e.g., Trivy, Clair, Anchore, Snyk Container).
- Experience with container runtime security tools (e.g., Falco, Sysdig Secure, Aqua Security, Twistlock/Palo Alto Prisma Cloud).
DevSecOps & Automation
o CI/CD Integration
- Experience integrating security tools and practices into CI/CD pipelines (e.g., Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps Pipelines, ArgoCD).
- Ability to automate security checks (SAST, DAST, SCA, container scanning, IaC scanning) within the pipeline.
- Understanding of artifact management and secure supply chain principles.
o Infrastructure as Code (IaC) Security
- Familiarity with IaC tools (e.g., Terraform, CloudFormation, Ansible, Helm).
o Scripting & Automation
- Proficiency in at least one scripting language (e.g., Python, Bash, Go) for automating security tasks and integrations.
o Version Control
- Strong understanding of Git and collaborative development workflows (e.g., pull requests, branching strategies).
Agile & Collaboration Skills
o Agile Methodologies
- Experience working within Agile/Scrum/Kanban teams.
- Ability to integrate security activities seamlessly into sprints and release cycles.
- Understanding of how to embed security early (shift left).
o Communication & Collaboration
- Excellent verbal and written communication skills, able to explain complex security concepts to technical and non-technical audiences.
- Strong collaboration skills, capable of working effectively with developers, operations, QA, and product owners.
- Ability to provide constructive feedback and guidance to development teams.
o Problem-Solving
- Strong analytical and problem-solving skills to identify security issues and propose effective solutions.
The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodation may be made for individuals with disabilities to perform the essential functions.
- Must possess an active Top-Secret clearance.
- Bachelor's degree from an accredited college/university desired.
- Five years of related experience.
- Hands-on experience with container image scanning tools (e.g., Trivy, Clair, Anchore, Snyk Container).
- Experience with static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools and processes.
- Experience with container registries (e.g., Docker Hub, Quay, Azure Container Registry, ECR, GCR) and securing them.
- Expertise with Docker container runtimes (containerd, Podman) and image best practices (multi-stage builds, minimal images).
- Experience with container runtime security tools (e.g., Falco, Sysdig Secure, Aqua Security, Twistlock/Palo Alto Prisma Cloud).
- Experience working within Agile/Scrum/Kanban teams.
- Experience integrating security tools and practices into CI/CD pipelines (e.g., Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps Pipelines, ArgoCD).
- Proficiency in at least one scripting language (e.g., Python, Bash, Go) for automating security tasks and integrations.
- Strong understanding of Git and collaborative development workflows (e.g., pull requests, branching strategies).
- Strong analytical and problem-solving skills to identify security issues and propose effective solutions.
- Excellent verbal and written communication skills, able to explain complex security concepts to technical and non-technical audiences.
Salary Range: $135K-155K
Based on your qualifications, you will be placed in Level I-V.
An essential qualification for this position is having a security clearance issued by the Federal Government, which may require successful completion of a background check.
We use E-Verify to electronically confirm the employment eligibility of newly hired employees.
AUSGAR's salary range is dependent upon a variety of factors, which include experience, skills, education, certifications, and geographical location. Our salary range includes a base salary and excellent benefits package as part of our total compensation.
AUSGAR Technologies Inc. is an equal opportunity employer. If you are a qualified individual with a disability or a disabled veteran and need assistance in completing the application, you have the right to request reasonable accommodation. Please e-mail us at if you are unable or limited in your ability to use or access careers page as a result of your disability.