DevSecOps Engineer/Configuration Manager - (TS/SCI REQUIRED)

Clearance Level
Top Secret/SCI
Category
Cloud
Location
Washington, District of Columbia
Hybrid Workplace
Key Skills For Success

Cloud DevOps

Cloud Software

Cybersecurity

DevSecOps

REQ#: RQ148934
Requisition Type: Regular
Your Impact

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by using your expertise to protect our country from threats.

Job Description

Security Clearance Level Require: TS/SCI

Seeking a DevSecOps engineering professional to help identify critical data flows between microservices and find vulnerabilities within a cloud environment for a large government agency. The DevSecOps engineer will assist with end-to-end technical planning, implementation, deployment, security, operation and enhancement of complex systems. Position requires a strong background in cybersecurity software, threat modelling and risk assessments to detect and analyze threats.

Duties:

  • Stay current with the latest application security knowledge and security trends to continuously improve internal processes;
  • Instill and foster adoption of DevSecOps practices through productive engagement with the engineering teams;
  • Assist in the development of security operations for monitoring, testing, auditing, and regulatory compliance;
  • Identify security threats by conducting continual monitoring, penetration testing, vulnerability assessments, and audit log analysis;
  • Build, maintain and communicate the overall security integrity of the cloud environments;
  • Remediate identified vulnerabilities;
  • Conduct internal security audits and execute remediation plans;
  • Protect assets spanning across infrastructure, platform, CI/CD pipelines and applications;
  • Deploy and administer security monitoring tools for the SecOps team, and perform frequent risk assessments;
  • Collaborating with engineers to build a continuous delivery environment that will support the technical needs of our roadmap;
  • Conduct incident response activities ranging from containment to remediation and lessons learned;
  • Design and implement mechanisms that efficiently identify and mitigate security risks within the existing DevOps workstreams;
  • Work with development teams to improve the secure software development lifecycle.

Skills and Experience:

  • Experience working in defense or intelligence community Cloud environments, including AWS GovCloud and C2S
  • Knowledge of the DevOps and principles and knowledge of automation software commonly used on DevOps projects.
  • An understanding of programming languages such as Python, Java, Ruby, Perl, and PHP.
  • Knowledge of AWS, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management
  • Broad understanding of security control techniques and application in a traditional IT environment and cloud-based systems;
  • Ability to assess and analyze a wide range of information to draw conclusions on improvements to the security of systems
  • Understanding of security considerations around RESTful APIs.
  • Strong teamwork and communication skills.
  • Knowledge of threat modelling and risk assessment techniques.
  • Current knowledge of cybersecurity threats, current best practices and latest software.
  • Experience as an IT security professional
  • Degree in computer science, cybersecurity, math, engineering or science.
  • Practical industry standard certification, such as that offered by Microsoft, CompTIA, Cisco or Certified Ethical Hacker (CEH)
  • Accredited DevOps qualifications or DevSecOps Engineering (DSOE) qualifications.

Preferred:

  • 4-6 years of overall experience, to include a minimum of 3 years of enterprise understanding of the methods of technical attack and how these can be detected in a digital environment.
  • Able to communicate technical issues to technical and non-technical audiences
  • Ability to multi-task on multiple projects in a fast-paced environment; able to manage project tasks, scope change, and schedules to keep projects on-track
  • Relevant hands-on and implementation experience in software development, network security, recognizing the security threats, and configuring the network infrastructure
  • Knowledge of the implementation of risk assessment techniques and the latest security best practices
Work Requirements
Years of Experience

5 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

Travel Required

None

Citizenship

U.S. Citizenship Required

About Our Work

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.