Senior AWS DevSecOps Engineer - REMOTE!

GDIT's Cloud Platform team is looking for a Senior Cloud Security Engineer to join our team and support the National Institutes of Allergy and Infectious Diseases (NIAID).
 

This role will join an Agile team collaborating with engineers and developers to continuously innovating and improving security posture across a large federal AWS environment. 
 

The ideal candidate will  possess strong hands-on experience within a DevSecOps framework, infrastructure as code (terraform), and container services (ECS/Docker).

This role is fully remote, but must be within commuting distance to Rockville, MD.

Responsibilities:

• Implement security tools with a focus on automating security and compliance best practices.

• Build and maintain automation and integrations with security tooling and AWS security services.

• Collaborate with development teams to solve complex security challenges.

• Provide support with security incidents and remediation activities.

• Implement CI/CD pipeline utilizing DevSecOps principles and practices to increase automation.

• Create and maintain documentation playbooks and  provide training  to others on the team.

• Support and contribute to business security requirements, such as the creation of security policies, procedures, and processes.

• Participate in all team planning, product demonstrations, and team retrospectives

• Serve as lead on projects and tasks

Required Qualifications and Skills:

• BA/BS (or equivalent experience) and 7+ years of related IT experience

• 4+ years related experience with DevSecOps tools and practices, especially experience with Terraform, Docker, Github

• Experience managing AWS network resources such as VPC, URL proxies, private link, DNS, ACLs, firewalls

• Strong experience with AWS Services especially Security and Infrastructure

• Experience with APIs and Plugins to integrate security tools into CI/CD pipelines

• Strong experience with embedding security into CI/CD pipelines

• Must be able to obtain/maintain a Public Trust 

• Must be within commuting distance to Rockville, MD

Desired Qualifications and Skills:

• Experience with implementation of FISMA compliance security controls, including compliance with CIS and NIST 800-53 benchmarks.

• Experience creating AWS Custom Config Rules

• Development languages, and frameworks, including TypeScript, Node.js, AWS SDK, Python, and XML

• Knowledge of compliance-as-code and ATO automation frameworks

• Working knowledge of standard data storage formats and abstractions, including YAML, JSON, XML

• Experience with database technologies, e.g. SQL, NoSQL.

#GDITFedHealthJobs