Senior DevSecOps Engineer

September 4

Apply Now

Receive Emails with Similar Jobs

VivSoft

WebsiteLinkedInAll Job Openings

Solving complex Public Sector Use cases using emerging technologies - SBIR Phase III Awardee

Health IT • Cloud • AWS • Health Exchange • State & Local IT

51 - 200

Description

• Define and lead the implementation of DevSecOps strategies, ensuring security is integrated seamlessly into the development and operational processes. • Architect, implement, and continuously improve secure CI/CD pipelines to automate and enhance software delivery with a focus on security. • Develop and implement automated security controls, monitoring tools, and alerting systems to identify and mitigate potential threats. • Provide technical leadership and mentorship to junior DevSecOps engineers and cross-functional teams, fostering a culture of continuous improvement and learning. • Perform in-depth security assessments, vulnerability scans, and penetration testing, and lead efforts to remediate security gaps. • Utilize and enhance Infrastructure as Code (IaC) tools such as Terraform and Ansible to automate the deployment and management of secure infrastructure. • Work closely with development, operations, and security teams to ensure security best practices are integrated throughout the software development lifecycle. • Ensure all systems and processes comply with DoD cybersecurity requirements and frameworks, such as NIST and DoD STIGs. • Lead and coordinate incident response efforts, conducting thorough post-incident analysis and implementing improvements to enhance resilience. • Stay up to date with emerging DevSecOps tools, technologies, and practices, driving innovation and continuous improvement in our security posture.

Requirements

• Active DoD security clearance is required. • Bachelor's or master's degree in computer science, Information Technology, Cybersecurity, or a related field. • 8+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security within a DoD or government environment. • Extensive experience with CI/CD tools and platforms Jenkins, GitLab CI, Azure DevOps. • Strong scripting and automation skills in Python, Bash, PowerShell. • Deep expertise in Infrastructure as Code (IaC) tools Terraform, Ansible. • Proficiency with cloud platforms (e.g., AWS, Azure, Google Cloud) and container technologies (e.g., Docker, Kubernetes). • In-depth knowledge of security frameworks and standards NIST, CIS, DoD STIGs. • Strong experience with security tools such as SAST, DAST, SIEM, and vulnerability scanners. • Strong leadership and mentoring abilities. • Excellent problem-solving and analytical skills. • Effective communication and collaboration skills across diverse teams.