MetroStar Systems, LLC
Sr. Solutions Architect III (5460)
MetroStar Systems, LLC, Washington, District of Columbia, us, 20022
As a Sr. DevSecOps Architect III (DevSecOps),
you'll be an experienced and motivated Solution Architect with a strong emphasis on DevSecOps practices. You will play a pivotal role in designing, implementing, and overseeing the integration of security practices into our development and operations processes. Your expertise will ensure the secure and efficient delivery of our software solutions while maintaining the highest standards of cybersecurity.
What you'll do:
Collaborate with cross-functional teams to develop and refine DevSecOps strategies that align with business objectives, development goals, and security requirements.Design and implement secure CI/CD pipelines, automation frameworks, and deployment processes that seamlessly integrate security checks and controls.Champion the integration of security practices throughout the software development lifecycle (SDLC), including threat modeling, code analysis, vulnerability scanning, and penetration testing.Collaborate with development teams to implement security best practices, such as secure coding guidelines and secure software design principles.Evaluate, select, and integrate security tools and technologies that enhance the DevSecOps pipeline, such as static analysis tools, dynamic analysis tools, and container security platforms.Identify potential security risks and vulnerabilities in applications, infrastructure, and processes, and work with relevant stakeholders to implement appropriate mitigations.Provide guidance on risk assessment, risk management, and compliance with industry standards and regulations.Collaborate with cross-functional teams to share knowledge and promote continuous learning related to DevSecOps practices.Create comprehensive documentation that outlines the architecture, design decisions, security measures, and processes implemented within the DevSecOps pipeline.
What you'll need to succeed:
Active TS/SCI Clearance with CI polyAt least 12 years of experience as a DevSecOps Architect or similar role, with a focus on integrating security into the software development lifecycle.Strong experience architecting, designing, and building DevSecOps solutions at scale, in the cloud, across multiple classification domains (IL5 to IL6+) simultaneouslyExpert understanding of DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium).Expert-level experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-based applications and services.Strong understanding of containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, EKS) and securing containerized applications.Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma CloudProficiency in scripting languages (e.g., Python, Bash) for automation and tool integration.Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST).Strong problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment.Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholdersCloud certifications such as AWS Solutions Architect Associate/Professional, AWS SysOps Administrator, AWS Developer, or AWS DevOps Engineer
#J-18808-Ljbffr
you'll be an experienced and motivated Solution Architect with a strong emphasis on DevSecOps practices. You will play a pivotal role in designing, implementing, and overseeing the integration of security practices into our development and operations processes. Your expertise will ensure the secure and efficient delivery of our software solutions while maintaining the highest standards of cybersecurity.
What you'll do:
Collaborate with cross-functional teams to develop and refine DevSecOps strategies that align with business objectives, development goals, and security requirements.Design and implement secure CI/CD pipelines, automation frameworks, and deployment processes that seamlessly integrate security checks and controls.Champion the integration of security practices throughout the software development lifecycle (SDLC), including threat modeling, code analysis, vulnerability scanning, and penetration testing.Collaborate with development teams to implement security best practices, such as secure coding guidelines and secure software design principles.Evaluate, select, and integrate security tools and technologies that enhance the DevSecOps pipeline, such as static analysis tools, dynamic analysis tools, and container security platforms.Identify potential security risks and vulnerabilities in applications, infrastructure, and processes, and work with relevant stakeholders to implement appropriate mitigations.Provide guidance on risk assessment, risk management, and compliance with industry standards and regulations.Collaborate with cross-functional teams to share knowledge and promote continuous learning related to DevSecOps practices.Create comprehensive documentation that outlines the architecture, design decisions, security measures, and processes implemented within the DevSecOps pipeline.
What you'll need to succeed:
Active TS/SCI Clearance with CI polyAt least 12 years of experience as a DevSecOps Architect or similar role, with a focus on integrating security into the software development lifecycle.Strong experience architecting, designing, and building DevSecOps solutions at scale, in the cloud, across multiple classification domains (IL5 to IL6+) simultaneouslyExpert understanding of DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium).Expert-level experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-based applications and services.Strong understanding of containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, EKS) and securing containerized applications.Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma CloudProficiency in scripting languages (e.g., Python, Bash) for automation and tool integration.Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST).Strong problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment.Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholdersCloud certifications such as AWS Solutions Architect Associate/Professional, AWS SysOps Administrator, AWS Developer, or AWS DevOps Engineer
#J-18808-Ljbffr