TechnoGen
Cybersecurity DevSecOps Engineer Job at TechnoGen in Washington
TechnoGen, Washington, DC, United States
Position: Cybersecurity DevSecOps Engineer
Location: Remote
Duration: 480 Hours per year
Job Description:
•The Cybersecurity DevSecOps Engineer is a security-focused engineer dedicated to enhancing the security posture throughout the DOL DevSecOps lifecycle;
•Drive the unification and automation of processes to enable development of software capability across the entire DOL organization, instrumental in combining code, application maintenance, and application management;
•Define, implement, and maintain secure pipelines, promoting a culture of rapid and safe iteration; Design and refine scalable and reliable CI/CD processes with a security-first approach; Develop and enhance a robust build pipeline, automating secure build/artifact delivery and deployment; Use your expertise to identify and mitigate security risks, always prioritizing reasoning and facts;
•Collaborate with the existing team to integrate and improve upon current infrastructure with security best practices;
•Conduct threat modeling and risk assessments, ensuring that potential vulnerabilities are identified and addressed collaboratively;
•Lead and participate in security training and awareness initiatives for the development team;
•Develop and maintain an incident response plan, ensuring preparedness in the event of a security breach; Collaborate with other developers to address security concerns at the root and craft lasting solutions.
•Works actively with application development teams, DOL security/ISO, Infrastructure and other teams to coordinate and optimize the steps that execute within the DevOps ecosystem and bring consistency and security best practices in approach, tools, and standards.
Experience Requirements:
•Bachelor's degree with seven (10) plus years IT development experience (with a minimum of 5 years of experience in DevSecOps practice & tools);
•Experience building DevSecOps services in IaaS/PaaS/SaaS in Cloud (AWS, Azure) environments and good understanding of their security considerations;
•Familiarity with containerization and orchestration tools like Docker and Kubernetes;
•Experience with Kubernetes, Docker, and/or other cloud orchestration technologies;
•Experience with CI/CD best practices, automated builds and tests, quality gates, software quality, and CI tools, i.e., Jenkins, Ansible, Terraform, etc.;
•Experience with configuration management tools, i.e., Git, GitHub, GitLab, Bitbucket, others;
•Familiarity with branching strategies, gated commits, source- controlled management, etc;
•Familiarity with the principle of DevSecOps; Atlassian JIRA or other defect tracking tool experience; Atlassian Confluence, GitLab/GitHub, Jenkins, and artifact repository experience;
•Familiarity with security coding standard best practices, static and dynamic scanning tools, i.e., SonarQube, Fortify, Coverity, PCLint, etc;
•Programming and scripting experience in a UNIX environment (Bash, Shell, PowerShell, Perl, Python, Bash, Ruby, Shell, Scripts);
•Must have Agile/SAFe, and other related developer certifications and or demonstrate equivalent experience;
•Experience with tools and methodologies for code vulnerability and scanning.
Best Regards,
Ashok Kumar
Sr. Talent Acquisition Specialist
Phone: 443-832-6103
Email: ashok.c@technogeninc.com
Web: www.technogeninc.com
4229 Lafayette Center Dr, Suite 1880, Chantilly, VA 20151
Location: Remote
Duration: 480 Hours per year
Job Description:
•The Cybersecurity DevSecOps Engineer is a security-focused engineer dedicated to enhancing the security posture throughout the DOL DevSecOps lifecycle;
•Drive the unification and automation of processes to enable development of software capability across the entire DOL organization, instrumental in combining code, application maintenance, and application management;
•Define, implement, and maintain secure pipelines, promoting a culture of rapid and safe iteration; Design and refine scalable and reliable CI/CD processes with a security-first approach; Develop and enhance a robust build pipeline, automating secure build/artifact delivery and deployment; Use your expertise to identify and mitigate security risks, always prioritizing reasoning and facts;
•Collaborate with the existing team to integrate and improve upon current infrastructure with security best practices;
•Conduct threat modeling and risk assessments, ensuring that potential vulnerabilities are identified and addressed collaboratively;
•Lead and participate in security training and awareness initiatives for the development team;
•Develop and maintain an incident response plan, ensuring preparedness in the event of a security breach; Collaborate with other developers to address security concerns at the root and craft lasting solutions.
•Works actively with application development teams, DOL security/ISO, Infrastructure and other teams to coordinate and optimize the steps that execute within the DevOps ecosystem and bring consistency and security best practices in approach, tools, and standards.
Experience Requirements:
•Bachelor's degree with seven (10) plus years IT development experience (with a minimum of 5 years of experience in DevSecOps practice & tools);
•Experience building DevSecOps services in IaaS/PaaS/SaaS in Cloud (AWS, Azure) environments and good understanding of their security considerations;
•Familiarity with containerization and orchestration tools like Docker and Kubernetes;
•Experience with Kubernetes, Docker, and/or other cloud orchestration technologies;
•Experience with CI/CD best practices, automated builds and tests, quality gates, software quality, and CI tools, i.e., Jenkins, Ansible, Terraform, etc.;
•Experience with configuration management tools, i.e., Git, GitHub, GitLab, Bitbucket, others;
•Familiarity with branching strategies, gated commits, source- controlled management, etc;
•Familiarity with the principle of DevSecOps; Atlassian JIRA or other defect tracking tool experience; Atlassian Confluence, GitLab/GitHub, Jenkins, and artifact repository experience;
•Familiarity with security coding standard best practices, static and dynamic scanning tools, i.e., SonarQube, Fortify, Coverity, PCLint, etc;
•Programming and scripting experience in a UNIX environment (Bash, Shell, PowerShell, Perl, Python, Bash, Ruby, Shell, Scripts);
•Must have Agile/SAFe, and other related developer certifications and or demonstrate equivalent experience;
•Experience with tools and methodologies for code vulnerability and scanning.
Best Regards,
Ashok Kumar
Sr. Talent Acquisition Specialist
Phone: 443-832-6103
Email: ashok.c@technogeninc.com
Web: www.technogeninc.com
4229 Lafayette Center Dr, Suite 1880, Chantilly, VA 20151