Cyber security Devsecops Engineer

• The Cybersecurity DevSecOps Engineer is a securityfocused engineer dedicated to enhancing the security posture throughout the DOL DevSecOps lifecycle.
• Drive the unification and automation of processes to enable development of software capability across the entire DOL organization instrumental in combining code application maintenance and application management.
• Define implement and maintain secure pipelines promoting a culture of rapid and safe iteration; Design and refine scalable and reliable CI/CD processes with a securityfirst approach.
• Develop and enhance a robust build pipeline automating secure build/artifact delivery and Page 21 of 77 deployment.
• Use your expertise to identify and mitigate security risks always prioritizing reasoning and facts.
• Collaborate with the existing team to integrate and improve upon current infrastructure with security best practices.
• Conduct threat modeling and risk assessments ensuring that potential vulnerabilities are identified and addressed collaboratively.
• Lead and participate in security training and awareness initiatives for the development team.
• Develop and maintain an incident response plan ensuring preparedness in the event of a security breach.
• Collaborate with other developers to address security concerns at the root and craft lasting solutions.
• Works actively with application development teams DOL security/ISO Infrastructure and other teams to coordinate and optimize the steps that execute within the DevOps ecosystem and bring consistency and security best practices in approach tools and standards.
• Experience Requirements: Bachelor s degree with seven (10) plus years IT development experience (with a minimum of 5 years of experience in DevSecOps practice & tools).
• Experience building DevSecOps services in IaaS/PaaS/SaaS in Cloud (AWS Azure) environments and good understanding of their security considerations.
• Familiarity with containerization and orchestration tools like Docker and Kubernetes.
• Experience with Kubernetes Docker and/or other cloud orchestration technologies.
• Experience with CI/CD best practices automated builds and tests quality gates software quality and CI tools i.e. Jenkins Ansible Terraform etc.
• Experience with configuration management tools i.e. Git GitHub GitLab Bitbucket others.
• Familiarity with branching strategies gated commits sourcecontrolled management etc.
• Familiarity with the principle of DevSecOps; Atlassian JIRA or other defect tracking tool experience.
• Atlassian Confluence GitLab/GitHub Jenkins and artifact repository experience.
• Familiarity with security coding standard best practices static and dynamic scanning tools i.e. SonarQube Fortify Coverity PCLint etc.
• Programming and scripting experience in a UNIX environment (Bash Shell PowerShell Perl Python Bash Ruby Shell Scripts).
• Must have Agile/SAFe and other related developer certifications and or demonstrate equivalent experience Experience with tools and methodologies for code vulnerability and scanning.

static scanning tools,programming,agile,security posture,jenkins,code,kubernetes,branching strategies,atlassian confluence,atlassian jira,github,saas,ansible,code vulnerability scanning,ci/cd processes,engineering,scripting,iaas,automated builds,dynamic scanning tools,application management,cybersecurity,configuration management tools,safe,application maintenance,devsecops,gitlab,ci,jira,dol organization,docker,devops,security coding standard best practices,artifact repository,ci/cd best practices,terraform