Koniag Data Solutions LLC a Koniag Government Services company is seeking a DevSecOps Engineer to support KDS and our government customer in Washington DC. This position requires the candidate to be able to obtain a Public offer competitive compensation and an extraordinary benefits package including health dental and vision insurance 401K with company matching flexible spending accounts paid holidays three weeks paid time off and Data Solutions a Koniag Government Services company is seeking an experienced DevSecOps Engineer to support the implementation operation and continuous improvement of DevSecOps practices pipelines and tools in support of the U.S. Small Business Administration (SBA). The ideal candidate is a mid to senior-level engineering professional with solid hands-on experience in DevSecOps methodologies CI/CD pipeline development security automation and cloud technologies and a demonstrated ability to integrate security practices into software development and operations workflows within a federal government environment. This individual will play a key role in building maintaining and improving SBAs DevSecOps capabilities contributing to the secure and efficient delivery of software and infrastructure solutions that support SBAs mission and operational DevSecOps Engineer will support the design implementation operation and continuous improvement of DevSecOps pipelines tools and practices at the SBA working closely with development teams security teams operations staff and program managers to integrate security throughout the software development lifecycle and enable the reliable secure delivery of software and infrastructure solutions in support of SBAs mission. Principal responsibilities will include but are not limited to:Design build implement and maintain CI/CD pipelines and DevSecOps toolchain components for SBA ensuring pipelines are automated secure and aligned with SBAs software delivery requirements and security security tools and automation into CI/CD pipelines including static application security testing (SAST) dynamic application security testing (DAST) software composition analysis (SCA) container security scanning and infrastructure as code (IaC) security scanning to support the continuous identification and remediation of security vulnerabilities throughout the and maintain infrastructure as code (IaC) practices and tools to support automated repeatable and auditable provisioning and management of SBAs IT infrastructure and cloud with SBAs development security and operations teams to implement and enforce DevSecOps standards coding best practices security requirements and quality gates within CI/CD the containerization and orchestration of SBA applications ensuring container images are properly secured scanned and managed in accordance with SBA security requirements and federal and analyze the performance reliability and security of CI/CD pipelines and DevSecOps toolchain components identifying and implementing improvements to enhance pipeline efficiency and overall the planning and execution of cloud migration and modernization initiatives applying DevSecOps principles and practices to support the secure migration of SBA workloads to cloud and maintain DevSecOps documentation including pipeline configurations technical runbooks architecture documentation and standard operating procedures to support SBAs DevSecOps with SBAs ISSO and security teams to ensure DevSecOps pipelines and practices support the maintenance of system Authorization to Operate (ATO) requirements including supporting the automation of security control testing and evidence collection in code reviews architecture reviews and security reviews for pipeline components and infrastructure as code artifacts ensuring they meet SBAs quality and security the implementation and management of source code management practices repository security configurations and branching strategies to ensure the integrity and security of SBAs software development in the evaluation and implementation of new DevSecOps tools technologies and practices to enhance SBAs software delivery capabilities and security technical support and guidance to development and operations teams on DevSecOps tools practices and security requirements helping to build organizational capability and support for DevSecOps in incident response activities related to CI/CD pipeline issues security events within the DevSecOps environment and application deployment failures supporting timely identification and resolution of current on DevSecOps technology developments federal policy guidance and industry best practices applying this knowledge to continuously improve SBAs DevSecOps capabilities and and Experience:Required:Bachelors degree in Computer Science Software Engineering Information Technology Cybersecurity or a related field from an accredited college or university OR equivalent combination of education and relevant work experience.4-6 years of progressive experience in software engineering systems engineering or DevOps/DevSecOps with demonstrated hands-on experience designing implementing and managing CI/CD pipelines and DevSecOps practices in a federal government or enterprise hands-on experience with CI/CD tools and platforms such as Jenkins GitLab CI/CD GitHub Actions or similar and container technologies such as Docker and experience integrating security tools and automation into CI/CD pipelines including SAST DAST SCA and container security scanning or more of the following certifications: CompTIA Security Certified Kubernetes Administrator (CKA) AWS Certified Developer Microsoft Certified: Azure Developer Associate or equivalent DevSecOps or cloud engineering :Bachelors or Masters degree in Computer Science Software Engineering Information Technology or a related experience supporting DevSecOps implementation activities at a federal civilian agency preferably the SBA or a similar Kubernetes Administrator (CKA) AWS Certified DevOps Engineer Microsoft Certified: DevOps Engineer Expert or other relevant advanced DevSecOps or cloud engineering Skills and Competencies:Solid knowledge of DevSecOps principles methodologies and best practices and their application to the design implementation and operation of secure automated software delivery pipelines in a federal government or enterprise hands-on experience with CI/CD tools and platforms including Jenkins GitLab CI/CD GitHub Actions CircleCI or similar and the ability to design build and maintain CI/CD pipeline experience with containerization and container orchestration technologies including Docker and Kubernetes including experience with container security practices and image scanning in an operational with infrastructure as code (IaC) tools and practices including Terraform Ansible AWS CloudFormation or similar and their application to automated infrastructure provisioning and integrating security automation into CI/CD pipelines including SAST tools such as SonarQube or Checkmarx DAST tools such as OWASP ZAP or Burp Suite SCA tools such as Black Duck or Snyk and container security scanning tools such as Twistlock Aqua Security or experience with cloud platforms and services including AWS Microsoft Azure or Google Cloud Platform and the application of cloud-native DevSecOps practices and tools within federal experience with source code management and collaboration platforms including Git GitHub GitLab or Bitbucket including familiarity with branching strategies code review processes and repository security understanding of federal cybersecurity frameworks requirements and guidance including NIST SP 800-53 FISMA and FedRAMP and their relevance to DevSecOps practices and pipeline security in a federal with monitoring logging and observability tools and platforms such as ELK Stack Prometheus Grafana Splunk or similar and their integration into DevSecOps pipelines and experience with scripting and programming languages including Python Bash PowerShell or similar and their application to pipeline automation toolchain integration and infrastructure management written and oral communication skills in English with the ability to clearly communicate DevSecOps concepts pipeline configurations and technical findings to both technical and non-technical to work both independently and collaboratively in a team environment demonstrating flexibility and responsiveness to changing priorities and requirements in a fast-paced federal IT to obtain and maintain a Public Trust clearance as required by the Skills and Competencies:Prior experience supporting DevSecOps implementation and operations at the SBA or a similar federal civilian with SBAs IT environment development platforms and mission areas including an understanding of the challenges and opportunities associated with implementing DevSecOps within the SBA with artifact management and software supply chain security tools and practices including JFrog Artifactory Nexus Repository or similar and their integration into secure software delivery of service mesh technologies such as Istio or Linkerd and their application to securing microservices architectures within a DevSecOps with GitOps practices and tools such as ArgoCD or Flux and their application to automated auditable infrastructure and application of the NIST Secure Software Development Framework (SSDF) and its relevance to DevSecOps implementation in a federal government supporting ATO processes and continuous monitoring programs including contributing to the automation of security control testing and evidence collection within CI/CD with software bill of materials (SBOM) concepts and tools and their relevance to software supply chain security and federal compliance Kubernetes Administrator (CKA) Certified Kubernetes Security Specialist (CKS) AWS Certified DevOps Engineer Microsoft Certified: DevOps Engineer Expert or other relevant advanced DevSecOps or cloud with Red Hat OpenShift and its application to container orchestration and DevSecOps practices in federal IT familiarity with chaos engineering concepts and tools and their application to improving the resilience and reliability of DevSecOps pipelines and application deploymentsExperience contributing to the development of DevSecOps training materials and delivering technical knowledge-sharing sessions for development and operations team Equal Employment Opportunity PolicyThe company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race color religion creed ethnicity sex sexual orientation gender or gender identity (except where gender is a bona fide occupational qualification) national origin or ancestry age disability citizenship military/veteran status marital status genetic information or any other characteristic protected by applicable federal state or local law. We are committed to equal employment opportunity in all decisions related to employment promotion wages benefits and all other privileges terms and conditions of company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website please get in touch with Heaven Wood via e-mail by calling to request Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical professional and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers employees and native communities. For more information please Opportunity Employer/Veterans/ Preference in accordance with Public Law 88-352
Required Experience:
IC
Koniag Data Solutions LLC a Koniag Government Services company is seeking a DevSecOps Engineer to support KDS and our government customer in Washington DC. This position requires the candidate to be able to obtain a Public offer competitive compensation and an extraordinary benefits package includi...
Koniag Data Solutions LLC a Koniag Government Services company is seeking a DevSecOps Engineer to support KDS and our government customer in Washington DC. This position requires the candidate to be able to obtain a Public offer competitive compensation and an extraordinary benefits package including health dental and vision insurance 401K with company matching flexible spending accounts paid holidays three weeks paid time off and Data Solutions a Koniag Government Services company is seeking an experienced DevSecOps Engineer to support the implementation operation and continuous improvement of DevSecOps practices pipelines and tools in support of the U.S. Small Business Administration (SBA). The ideal candidate is a mid to senior-level engineering professional with solid hands-on experience in DevSecOps methodologies CI/CD pipeline development security automation and cloud technologies and a demonstrated ability to integrate security practices into software development and operations workflows within a federal government environment. This individual will play a key role in building maintaining and improving SBAs DevSecOps capabilities contributing to the secure and efficient delivery of software and infrastructure solutions that support SBAs mission and operational DevSecOps Engineer will support the design implementation operation and continuous improvement of DevSecOps pipelines tools and practices at the SBA working closely with development teams security teams operations staff and program managers to integrate security throughout the software development lifecycle and enable the reliable secure delivery of software and infrastructure solutions in support of SBAs mission. Principal responsibilities will include but are not limited to:Design build implement and maintain CI/CD pipelines and DevSecOps toolchain components for SBA ensuring pipelines are automated secure and aligned with SBAs software delivery requirements and security security tools and automation into CI/CD pipelines including static application security testing (SAST) dynamic application security testing (DAST) software composition analysis (SCA) container security scanning and infrastructure as code (IaC) security scanning to support the continuous identification and remediation of security vulnerabilities throughout the and maintain infrastructure as code (IaC) practices and tools to support automated repeatable and auditable provisioning and management of SBAs IT infrastructure and cloud with SBAs development security and operations teams to implement and enforce DevSecOps standards coding best practices security requirements and quality gates within CI/CD the containerization and orchestration of SBA applications ensuring container images are properly secured scanned and managed in accordance with SBA security requirements and federal and analyze the performance reliability and security of CI/CD pipelines and DevSecOps toolchain components identifying and implementing improvements to enhance pipeline efficiency and overall the planning and execution of cloud migration and modernization initiatives applying DevSecOps principles and practices to support the secure migration of SBA workloads to cloud and maintain DevSecOps documentation including pipeline configurations technical runbooks architecture documentation and standard operating procedures to support SBAs DevSecOps with SBAs ISSO and security teams to ensure DevSecOps pipelines and practices support the maintenance of system Authorization to Operate (ATO) requirements including supporting the automation of security control testing and evidence collection in code reviews architecture reviews and security reviews for pipeline components and infrastructure as code artifacts ensuring they meet SBAs quality and security the implementation and management of source code management practices repository security configurations and branching strategies to ensure the integrity and security of SBAs software development in the evaluation and implementation of new DevSecOps tools technologies and practices to enhance SBAs software delivery capabilities and security technical support and guidance to development and operations teams on DevSecOps tools practices and security requirements helping to build organizational capability and support for DevSecOps in incident response activities related to CI/CD pipeline issues security events within the DevSecOps environment and application deployment failures supporting timely identification and resolution of current on DevSecOps technology developments federal policy guidance and industry best practices applying this knowledge to continuously improve SBAs DevSecOps capabilities and and Experience:Required:Bachelors degree in Computer Science Software Engineering Information Technology Cybersecurity or a related field from an accredited college or university OR equivalent combination of education and relevant work experience.4-6 years of progressive experience in software engineering systems engineering or DevOps/DevSecOps with demonstrated hands-on experience designing implementing and managing CI/CD pipelines and DevSecOps practices in a federal government or enterprise hands-on experience with CI/CD tools and platforms such as Jenkins GitLab CI/CD GitHub Actions or similar and container technologies such as Docker and experience integrating security tools and automation into CI/CD pipelines including SAST DAST SCA and container security scanning or more of the following certifications: CompTIA Security Certified Kubernetes Administrator (CKA) AWS Certified Developer Microsoft Certified: Azure Developer Associate or equivalent DevSecOps or cloud engineering :Bachelors or Masters degree in Computer Science Software Engineering Information Technology or a related experience supporting DevSecOps implementation activities at a federal civilian agency preferably the SBA or a similar Kubernetes Administrator (CKA) AWS Certified DevOps Engineer Microsoft Certified: DevOps Engineer Expert or other relevant advanced DevSecOps or cloud engineering Skills and Competencies:Solid knowledge of DevSecOps principles methodologies and best practices and their application to the design implementation and operation of secure automated software delivery pipelines in a federal government or enterprise hands-on experience with CI/CD tools and platforms including Jenkins GitLab CI/CD GitHub Actions CircleCI or similar and the ability to design build and maintain CI/CD pipeline experience with containerization and container orchestration technologies including Docker and Kubernetes including experience with container security practices and image scanning in an operational with infrastructure as code (IaC) tools and practices including Terraform Ansible AWS CloudFormation or similar and their application to automated infrastructure provisioning and integrating security automation into CI/CD pipelines including SAST tools such as SonarQube or Checkmarx DAST tools such as OWASP ZAP or Burp Suite SCA tools such as Black Duck or Snyk and container security scanning tools such as Twistlock Aqua Security or experience with cloud platforms and services including AWS Microsoft Azure or Google Cloud Platform and the application of cloud-native DevSecOps practices and tools within federal experience with source code management and collaboration platforms including Git GitHub GitLab or Bitbucket including familiarity with branching strategies code review processes and repository security understanding of federal cybersecurity frameworks requirements and guidance including NIST SP 800-53 FISMA and FedRAMP and their relevance to DevSecOps practices and pipeline security in a federal with monitoring logging and observability tools and platforms such as ELK Stack Prometheus Grafana Splunk or similar and their integration into DevSecOps pipelines and experience with scripting and programming languages including Python Bash PowerShell or similar and their application to pipeline automation toolchain integration and infrastructure management written and oral communication skills in English with the ability to clearly communicate DevSecOps concepts pipeline configurations and technical findings to both technical and non-technical to work both independently and collaboratively in a team environment demonstrating flexibility and responsiveness to changing priorities and requirements in a fast-paced federal IT to obtain and maintain a Public Trust clearance as required by the Skills and Competencies:Prior experience supporting DevSecOps implementation and operations at the SBA or a similar federal civilian with SBAs IT environment development platforms and mission areas including an understanding of the challenges and opportunities associated with implementing DevSecOps within the SBA with artifact management and software supply chain security tools and practices including JFrog Artifactory Nexus Repository or similar and their integration into secure software delivery of service mesh technologies such as Istio or Linkerd and their application to securing microservices architectures within a DevSecOps with GitOps practices and tools such as ArgoCD or Flux and their application to automated auditable infrastructure and application of the NIST Secure Software Development Framework (SSDF) and its relevance to DevSecOps implementation in a federal government supporting ATO processes and continuous monitoring programs including contributing to the automation of security control testing and evidence collection within CI/CD with software bill of materials (SBOM) concepts and tools and their relevance to software supply chain security and federal compliance Kubernetes Administrator (CKA) Certified Kubernetes Security Specialist (CKS) AWS Certified DevOps Engineer Microsoft Certified: DevOps Engineer Expert or other relevant advanced DevSecOps or cloud with Red Hat OpenShift and its application to container orchestration and DevSecOps practices in federal IT familiarity with chaos engineering concepts and tools and their application to improving the resilience and reliability of DevSecOps pipelines and application deploymentsExperience contributing to the development of DevSecOps training materials and delivering technical knowledge-sharing sessions for development and operations team Equal Employment Opportunity PolicyThe company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race color religion creed ethnicity sex sexual orientation gender or gender identity (except where gender is a bona fide occupational qualification) national origin or ancestry age disability citizenship military/veteran status marital status genetic information or any other characteristic protected by applicable federal state or local law. We are committed to equal employment opportunity in all decisions related to employment promotion wages benefits and all other privileges terms and conditions of company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website please get in touch with Heaven Wood via e-mail by calling to request Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical professional and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers employees and native communities. For more information please Opportunity Employer/Veterans/ Preference in accordance with Public Law 88-352
What We Do Koniag Government Services (KGS) is an Alaska Native Corporation comprised of multiple wholly owned subsidiary companies that deliver Enterprise Solutions, Professional Services, and Operations Management to Federal Government agencies. With an agile employee and corporate
... View more