Principal DevSecOps Engineer

Belong. Connect. Grow. with KBR!

KBRs National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security this position your work will have a profound impact on the countrys most critical role protecting our national security.

Why Join Us

• Innovative Projects:KBRswork is at the forefront ofengineeringlogistics operations science program management missionITand cybersecuritysolutions.

• Collaborative Environment:Be part of a dynamic team that thrives on collaboration and innovation fostering a supportive and intellectually stimulating workplace.

• Impactful Work:Your contributions will be pivotal in designing andoptimizingdefense systems that ensure national security and shape the future of space defense.

KBR isseekinga highly motivated andexperiencedSystems EngineerandLeadinDevSecOpsto be a part of the team that supportsthe Department of the AirForceadvanced air platform testing andrapid development.This role would also support future development within KBRs corporate infrastructure.

Key Responsibilities/ Goals:

• Serve as theDevSecOps subject-matter expert and architectural authority

• Definestandardsreference architectures and best practicesused across teams

• Design and implementsecure scalable andhighly availablecloud and hybrid platforms

• Embed security controlsdirectlyinto:

• CI/CDpipelines

• Infrastructureascode

• Container platformsanddeploymentworkflows

• Evaluate select and integrate DevSecOpstooling including

• SASTDAST SCA

• Secretsmanagementencryptionandidentity integration

• Containersecurity

• Leadimplementation ofcontainerizedplatforms(Docker Kubernetes OpenShift etc.)

• Integrate identity access management secrets management and encryption into pipelines and platforms

• Troubleshoot complex system pipeline and security issues across environments

• Actas atrusted technical advisorto engineering security and platform teams

• Mentor engineersand elevateDevSecOpsmaturityacross theorganization

• Lead technical reviews architecture discussions and root cause analyses

• Communicate risktradeoffsandrecommendationsclearly totechnical andnon-technicalleadership

• Activelymaintainsecurity vulnerability assessment databases for third-party application dependency scans and operating system level scans

• Actively monitor GitLab Security Dashboards for new vulnerabilities detected in software products and work with developers to remediate

• Maintain and enforcecompliance frameworks across projects

• Maintain the software release pipeline

• Ensure base container images are regularly updated toinclude latest security patches and updates

Work Environment:

• Location:Beavercreek Ohio

• Travel Requirements:Minimal(travel to Beavercreek Office location as needed)

• Working Hours:Standard/Flexible(3daysin office)OR Hybrid

Qualifications:

• Education:Bachelors inComputerScience Computer Engineering Electrical Engineering or related field

• WorkExperience:7 to 10 years of experienceinsoftware developmentsystems engineering platform engineering or DevOps roles

• Containerization Technologies:Expert level experience building container images withPodman DockerKanikoSkopeo.Familiarization withUniversal Base Images(UBI).Familiarization with k3s and k8s desired.

• GitLab CI/CD:Expert-level experience building andoptimizingbuild pipelines.To include use of CI templates or CI components.

• SecurityIntegration:Proficiencyinimplementing security scan execution policiesand pipeline security scans.Familiar withTrivySemgrep andGemnasium(or other SBOM based dependency scans).

• Software Proficiency:Expert-level experience with package managers forJavaPythonand Node.

• Operating Systems:Proficient with Red Hat Enterprise Linux 8.10 or higher.

Required:

• Security Clearance:Active DoD Secretor higherclearance

• Work styleAbility to work independently and as part of a team.

Desired:

• Collaboration:Technical leadership and systems thinking

• Improving the system:Excellentproblem-solvingskillsandRiskbaseddecision making