Leidos Inc
DevSecOps Engineer
Leidos Inc, Oklahoma City, Oklahoma, United States, 73116
DescriptionThe Multi Domain Solutions Division at Leidos is looking for a
DevSecOps Engineer
to support a fast-paced program with the Air Force Life Cycle Management Center. The
DevSecOps Engineer
will enhance the integration of security practices into our DevOps processes for a large Air Force weapons system program. This role is vital for ensuring that security is a fundamental aspect of the software development lifecycle. The ideal candidate will have experience in DevSecOps practices and a strong desire to improve security measures within our applications. This position offers a valuable opportunity to further develop your career in DevSecOps within an Air Force program, contributing to the secure and efficient development of software in a challenging and innovative environment.Primary Responsibilities:Support the integration of security practices into the DevOps pipeline for DoD applications, ensuring compliance with relevant standards.Implement and automate security tools and processes within CI/CD workflows to enhance the security posture of applications.Conduct vulnerability assessments, penetration testing, and threat modeling to identify and remediate security issues.Collaborate with development and operations teams to establish secure coding practices and implement security controls.Configure and manage security tools, including static code analysis, dynamic application security testing, and infrastructure as code (IaC) security.Participate in incident response activities, monitoring security alerts and incidents, and coordinating with cross-functional teams.Mentor junior team members and provide guidance on DevSecOps best practices and tools.Basic Qualifications:US Citizen with at least a Top Secret clearance4+ Years of Experience and a Bachelor's degree in Computer Science or similar field. Additional Experience may be considered in lieu of degree.Three to five years of experience performing or supporting software development activities in a professional capacity.Strong understanding of software development paradigms and supporting technologies (e.g. change management & version control, CI/CD, Agile planning tools such as Jira or Gitlab)Strong experience with Linux and Windows operating systems, network administration, and networking protocols/functions (e.g., HTTP, HTTPS, SSL/TLS, SMTP, DNS)Experience provisioning and managing resources within IaaS/Cloud infrastructures (e.g., Azure, AWS, Google Cloud Platform, etc.)Experience with container technologies such as Docker and container orchestration tools like KubernetesExperience with automated provisioning and configuration tools like Terraform, CloudFormation, Chef, Puppet, Ansible or similar technologiesExcellent problem solving and analysis skills, including the ability to logically create structure and order from unstructured inputs.Self-starter that is able to work independently while possessing the communication skills to work effectively with software development teams and customers.Excellent interpersonal, verbal and written communication skills.Ability to obtain U.S. DoD Secret security clearance.Preferred Qualifications:Experience with Air Force Life Cycle Management Center programs.DoD 8570 IAM Level II certification or higher (e.g. CASP, CISM, CISSP) or DoD 8140 Advanced certificationsIntermediate or better cloud certifications such as Microsoft Certified: Azure Solutions Architect Expert or similar certification from another cloud provider.Experience with security tools and practices related to DevSecOps (e.g., SAST, DAST, IAST).Experience with compliance standards (e.g., OWASP, NIST) and DoD regulations.Understanding of Infrastructure as Code (IaC) and security automation.Three to five years of experience performing DevSecOps activities in a professional capacity.Interest in continuous learning and professional development in cybersecurity and DevOps practices.
#J-18808-Ljbffr
DevSecOps Engineer
to support a fast-paced program with the Air Force Life Cycle Management Center. The
DevSecOps Engineer
will enhance the integration of security practices into our DevOps processes for a large Air Force weapons system program. This role is vital for ensuring that security is a fundamental aspect of the software development lifecycle. The ideal candidate will have experience in DevSecOps practices and a strong desire to improve security measures within our applications. This position offers a valuable opportunity to further develop your career in DevSecOps within an Air Force program, contributing to the secure and efficient development of software in a challenging and innovative environment.Primary Responsibilities:Support the integration of security practices into the DevOps pipeline for DoD applications, ensuring compliance with relevant standards.Implement and automate security tools and processes within CI/CD workflows to enhance the security posture of applications.Conduct vulnerability assessments, penetration testing, and threat modeling to identify and remediate security issues.Collaborate with development and operations teams to establish secure coding practices and implement security controls.Configure and manage security tools, including static code analysis, dynamic application security testing, and infrastructure as code (IaC) security.Participate in incident response activities, monitoring security alerts and incidents, and coordinating with cross-functional teams.Mentor junior team members and provide guidance on DevSecOps best practices and tools.Basic Qualifications:US Citizen with at least a Top Secret clearance4+ Years of Experience and a Bachelor's degree in Computer Science or similar field. Additional Experience may be considered in lieu of degree.Three to five years of experience performing or supporting software development activities in a professional capacity.Strong understanding of software development paradigms and supporting technologies (e.g. change management & version control, CI/CD, Agile planning tools such as Jira or Gitlab)Strong experience with Linux and Windows operating systems, network administration, and networking protocols/functions (e.g., HTTP, HTTPS, SSL/TLS, SMTP, DNS)Experience provisioning and managing resources within IaaS/Cloud infrastructures (e.g., Azure, AWS, Google Cloud Platform, etc.)Experience with container technologies such as Docker and container orchestration tools like KubernetesExperience with automated provisioning and configuration tools like Terraform, CloudFormation, Chef, Puppet, Ansible or similar technologiesExcellent problem solving and analysis skills, including the ability to logically create structure and order from unstructured inputs.Self-starter that is able to work independently while possessing the communication skills to work effectively with software development teams and customers.Excellent interpersonal, verbal and written communication skills.Ability to obtain U.S. DoD Secret security clearance.Preferred Qualifications:Experience with Air Force Life Cycle Management Center programs.DoD 8570 IAM Level II certification or higher (e.g. CASP, CISM, CISSP) or DoD 8140 Advanced certificationsIntermediate or better cloud certifications such as Microsoft Certified: Azure Solutions Architect Expert or similar certification from another cloud provider.Experience with security tools and practices related to DevSecOps (e.g., SAST, DAST, IAST).Experience with compliance standards (e.g., OWASP, NIST) and DoD regulations.Understanding of Infrastructure as Code (IaC) and security automation.Three to five years of experience performing DevSecOps activities in a professional capacity.Interest in continuous learning and professional development in cybersecurity and DevOps practices.
#J-18808-Ljbffr