DevSecOps Engineer

Location: Virginia - Full remote (East Coast)

Number of openings: 1

Experience: 5+ Years of dedicated Dev Sec Ops

Pay Rate to candidates: $65-70/hr ($135K salary when converted after 6-months)

Benefits: None/Contract

Start Date: 2-3 weeks

Clearance Level: None, must be US Citizen and must be able to get Public Trust

The Dev Sec Ops  team is responsible for developing various security and infrastructure solutions in the cloud and on-premise data centers. We are seeking a motivated individual as this team is constantly evolving and is currently evolving cloud security solutions in AWS. The successful candidate will have proven experience in automating manual IT infrastructure and security processes and will have a proven track record of learning new technologies.

Participating in a rotating on-call schedule

Integrating with application teams to act as security SME and assist with connecting to new and existing security-related tooling

Reviewing and assisting application teams with architectural decisions pertaining to security best practices.

Develop IaC using Cloud Formations and Terraform

Develop reusable automation using Ansible

Develop processes and automation to harden AMI and Docker Container Images

Write and review Kubernetes Network and Service Mesh policies to create inner cluster security perimeters.

Assist Security Organization with research and development of tooling and applications that can shift security into CI/CD Pipelines

Develop Jenkins and Circle

CI code to build or add onto new existing CI/CD pipelines

Perform research and development on new Cloud offerings from a variety of Cloud Platforms.

Develop example code, best practice documents, and processes to aid application and Sec Ops teams in deploying their service offerings.

5+ years IT Experience

Bachelor of Science in Computer Science, Information Systems, Mathematics, Engineering, or a related degree. Can substitute 3 additional years of relevant experience in lieu of a degree.

2+ years of experience working in Kubernetes environments. This experience must include engineering deployment strategies, experience hardening deployments, and hardening the control plane and worker nodes. Also, a key skill is to understand how to implement observability and altering into new and existing clusters.

2+ years of experience developing in containerized environments

2+ years of experience presenting the technical solutions you develop to other teams and organizing technical dependencies involving other teams.

4+ years of experience in Dev Ops or Dev Sec Ops  roles. Must have experience working closely with application or infrastructure teams as a Dev Ops or Dev Sec Ops  engineer and have experience developing with Ansible and Terraform.

4+ years of Cloud Platform and Security Engineering. Experience working with one or more cloud platforms (AWS experience preferred) to develop secure solutions that scale. This includes but is not limited to, AWS Lambda, Docker, and Kubernetes-related services, cloud network and cloud services, and a deep understanding of how to secure and observe those services.

2+ years of Security Engineering. Experience building and reviewing architectures, focusing on security best practices. An understanding of reading and implementing security y controls in new and existing architectures, coupled with the ability to communicate successfully with the greater security organization, is required.

Strong experience with Kubernetes and service mesh orchestration:
Must have experience with Kubernetes in production environments. Have experience with best practices in deploying Kubernetes and have a firm grasp on the challenges and solutions around securing a cluster. Experience with service mesh orchestration as a means to inject security (Istio, Linkerd, etc.) is a key piece of our projects.

Strong Dev Sec Ops  practices:
Experienced with injecting security hardening and best practices into existing and new projects that follow Dev Ops practices. The candidate is expected to absorb existing security strategies and engineer solutions in active and new CI/CD Pipelines, IaC, and configuration management tools. Looking for a candidate who is excited about shifting security early in the application and platform lifecycle and optimizing observability.

Experienced Dev Ops Tools Management:
Experience managing and contributing to tooling that helps keep the Dev Ops culture functional and fruitful for application teams. Experience managing and deploying CI/CD tools and artifact repositories is also considered favorable.

Able to be cleared for a Public Trust clearance.

This is a remote position.