Motion Recruitment
DevOps Engineer
Motion Recruitment, Arlington, Virginia, 22201
DevOps Engineer This company is a small team on a mission to transform government technology acquisition and innovation scouting. Their purpose-driven approach allows to create a meaningful impact, making our work environment ideal for those looking to break free from the mundane and grow together. The company is located in Rosslyn, VA and will be a 5 days on site in Rosslyn, VA. Required Skills & Experience: Cloud Security Team Develops and conducts security awareness and training programs. Designs, implements, and maintains security systems to protect networks and data. Creates and enforces security policies to comply with industry standards like GDPR, FISMA, and NIST 800-53 FedRAMP. Manages security infrastructure, including IDS/IPS systems. Configures and uses Splunk for security monitoring and incident response. Reviews and investigates daily security alerts. Analyzes and addresses security incidents and implements preventive measures. Generates regular security reports. Integrates security measures into system designs with cross-functional teams. Conducts risk and vulnerability assessments and recommends solutions. Provides insights on potential security risks and enhancements. Performs security audits and assessments, including user access control and vulnerability assessments. Updates system policies and procedures (e.g., SSP). Stays current with security threats and trends. Performs penetration testing and monthly security scans using tools like Burp, OWASP, and Nessus. Reviews, analyzes, and documents scan findings in GitLab. Conducts STIG or CIS Compliance scans and documents findings. Performs independent research on security vulnerabilities and provides remediation processes. Documents security issues and findings in GitLab. Tracks and manages POA&M lists and holds monthly security meetings. Documents deviations and exceptions in GitLab. Participates in incident response activities. Manages and maintains security tools and technologies. Collaborates with vendors to implement security solutions. Assesses and configures new security tools. Experienced with AWS native security tools. Takes ownership of tasks and adapts quickly to new challenges. Cloud Infrastructure Team: Strong troubleshooting and problem-solving skills; communicates effectively with team members. Designs and deploys scalable, secure AWS cloud infrastructure solutions. Experienced with AWS tools and services like ECS, IAM, KMS, S3, and CloudWatch. Manages virtual machines, EC2, containers, and serverless functions. Implements and manages VPC networking components for secure communication. Manages IAM policies and controls within AWS. Experienced with networking, Cloud Guard Network Security, NFS, LVM, and rsyslog. Proficient in scripting (bash, Python) for task automation. Utilizes Terraform and Ansible for infrastructure automation and server hardening. Implements DevSecOps using GitLab for pipeline automation with AWS containers. Configures security endpoint tools and SIEM tools like Splunk. Monitors and optimizes cloud resource performance. Implements backup and disaster recovery strategies. Ensures compliance with security and privacy standards like GDPR, FISMA, and NIST 800-53 FedRAMP. Develops SOPs and updates technical documentation. Conducts regular security assessments and audits. Collaborates on cloud infrastructure best practices. Stays current with cloud technologies and trends. Provides technical support and troubleshooting. Conducts independent research on new tools and their configuration. Takes ownership of tasks and adapts quickly to new challenges. Experienced with web (nginx), application (tomcat), and database (MariaDB) administration. Applicants must be currently authorized to work in the United States on a full-time basis now and in the future. This position doesn't provide sponsorship. Posted by: Ashton Corbett Specialization: DevOps