Lead DevSecOps Engineer with Security Clearance
Base One Technologies
2024-11-06 15:41:46
Washington, District of Columbia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Our DC Metro based client is looking for a Lead DevSecOps Engineer. If you are qualified for this position, please email your updated resume in Word format to
Primary Responsibilities
• Lead a small team of developers to gather requirements and design, codify, integrate and implement secure solutions that support NOSC business functionality.
• Work with stakeholders to develop requirements and deliverables
• Develop, document, and implement CI/CD strategy for management of Infrastructure as Code (IaC) baseline
• Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service
• Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the (IaC) CI/CD pipeline.
• Review, debug, and resolve technical issues throughout all stages of SDLC
• Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
• Measure effectiveness of process improvement and automation efforts via metrics and KPIs
• Analyze user needs and software requirements to determine feasibility of design within time and cost constraints.
• Apply coding and testing standards, security testing tools (including 'fuzzing', static-analysis code scanning tools), and threat modeling, and conduct code reviews.
• Conduct trial runs of programs and software applications to ensure the desired information is produced and instructions are correct.
• Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration.
• Identify common coding flaws.
• Identify security issues around steady state operation and management of software.
• Incorporate security measures that must be taken when a product reaches end of life.
• Perform integrated quality assurance testing for security functionality and resiliency attacks.
• Identify potential flaws in code to mitigate vulnerabilities.
• Recognize security implications in the software acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
• Perform penetration testing as required for new or updated applications.
• Develop code (e.g., Python, PowerShell, Django, JavaScript, HTML, CSS, etc.) to interact with API driven security technologies to automate security tasks (e.g., VirusTotal, Splunk ES, Tanium, etc.) aimed at removing human errors and human inconsistencies.
Basic Qualifications
• The candidate shall have a bachelor's degree in Computer Science, Engineering, or related field and a minimum of 12 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in cybersecurity
• At least one of the following certifications: CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX, Splunk Enterprise Certified Architect
• Extensive experience in design and automation of security tools and processes.
• Extensive experience in development, APIs, and scripting language support
• Experience implementing and maintaining services in a CI/CD pipeline
• Experience working in an Agile development environment.
• Working knowledge of REST APIs, JSON, HTML/CSS, JavaScript, XML
• An active Secret Level Security Clearance and approved DHS Entry on Duty (EOD).
Preferred Qualifications
• Experience with VMware & Ansible/Ansible Tower and/or Terraform
• Experience with data administration automating management of large (multi PB) S3 storage pools
• Experience working in AWS and Azure
• Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc.
• Experience as a SOC Analyst and/or Incident Responder
• Authoring SOC SOPs, playbooks, work instructions and/or other process documents
• Working knowledge of Java
Potential for Telework: Yes, 10%
Clearance Level Required: Secret
Travel: No
Scheduled Weekly Hours: 40
Shift: Day