GDIT is looking for a Development Security Operations (DevSecOPS) Engineer to join a cross functional application development team tasked with sustaining a military Command and Control (C2) system and its transition from the existing monolithic software architecture into an architecture using service mesh and microservices. This position is not yet funded. During the transition the team needs to ensure compatibility with currently fielded systems and system variants. Selection for this DevSecOps Engineer position requires:
Certified Information Systems Security Professional (CISSP) certification
More than two years’ experience in system security
More than two years of experience in configuration control, testing, security, automation, containerization, orchestration, and cloud services open source technologies
Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development
Significant knowledge of cloud technology, including EC2, IAM, CloudWatch, CloudTrail, Config, Lambda, Security Groups, VPCs, WAF, Guard Duty, Inspector, etc.
Experience with cloud-based security management/IDS/IPS/SIEM tools, such as Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, etc.
Programming or scripting experience with a popular modern language utilized by above tools (Java, Python, Ruby, etc.).
Experience extracting pertinent security data from logs, and reports
Understanding DoD Risk Management Framework (RMF) process and principles
Experience in integrating cybersecurity into DevSecOps process and use of tools (OpenSCAP, Teanble Nessus, Fortify, TwistLock/Contrast Security, ThreadFix)
Participation as team member in Agile development environment supporting software engineers including identification of security controls, implementation analysis, and test development/verification
In this dynamic role the DevSecOps Engineer will:
Work closely with the Operations team to support 24/7/365 multi-cloud operations, provide maximum uptime and security, and expand operations to additional cloud regions and providers
Implement new security tools and systems based on InfoSec policies
Evaluate security tooling implementation; recommend and deploy enhancements
Maintain development and production environments for engineering teams
Provide knowledgeable, confident high-level support within the organization to resolve internal and external customer issues
Assist in developing, implementing and enforcing policies to enhance physical, network and system security
Commit to continuous learning and improvement of development and quality strategies
Recommend technical security policies and consult with Development teams on remediations
Liaise with engineering organization to ensure adherence to secure development practices
Foster and evangelize DevOps culture and product ownership amongst engineering teams
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.