System One
DevSecOps Engineer
System One, Herndon, Virginia, United States, 22070
DevSecOps Engineer
100% REMOTE
US Citizen- able to obtain a PT
Overview:
As a DevSecOps Engineer, you will play a critical role in integrating security practices into the DevOps pipeline, ensuring the secure and efficient development, deployment, and operation of software systems. You will collaborate closely with development, operations, and security teams to implement robust security controls, automate security testing, and monitor and respond to security threats.
Responsibilities:
Design, implement, and maintain secure CI/CD pipelines to facilitate the seamless integration of security practices into software development and deployment processes.
Conduct security assessments and vulnerability scans on infrastructure, applications, and services, and recommend remediation actions.
Automate security testing and monitoring tools to detect and respond to security threats and vulnerabilities in real-time.
Collaborate with development teams to integrate security controls and best practices into code and software development processes.
Implement and manage infrastructure and application security controls using tools like Terraform, Kubernetes, Docker, etc.
Develop and maintain security policies, standards, and procedures to ensure compliance with industry regulations and standards (e.g., PCI DSS, GDPR, HIPAA).
Perform incident response and participate in security incident investigations, including root cause analysis and resolution.
Provide guidance and support to development and operations teams on secure coding practices, security best practices, and security awareness.
Requirements:
Bachelor’s degree in Computer Science, Engineering, Information Security, or a related field (or equivalent experience).
Proven experience in DevOps or Software Development combined with a strong focus on security.
In-depth knowledge of cloud platforms (e.g., AWS, Azure, GCP) and experience with cloud security best practices.
Hands-on experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD, CircleCI) and configuration management tools (e.g., Ansible, Chef, Puppet).
Proficiency in scripting and programming languages (e.g., Python, Bash, Ruby, Java).
Experience with containerization and orchestration tools (e.g., Docker, Kubernetes) and associated security considerations.
Strong understanding of network protocols, firewall management, and application security.
Certifications such as Certified DevOps Engineer, Certified Kubernetes Administrator (CKA), Certified Information Systems Security Professional (CISSP), or similar are a plus.
Excellent communication skills and ability to collaborate effectively across teams.
#M2
#J-18808-Ljbffr
Overview:
As a DevSecOps Engineer, you will play a critical role in integrating security practices into the DevOps pipeline, ensuring the secure and efficient development, deployment, and operation of software systems. You will collaborate closely with development, operations, and security teams to implement robust security controls, automate security testing, and monitor and respond to security threats.
Responsibilities:
Design, implement, and maintain secure CI/CD pipelines to facilitate the seamless integration of security practices into software development and deployment processes.
Conduct security assessments and vulnerability scans on infrastructure, applications, and services, and recommend remediation actions.
Automate security testing and monitoring tools to detect and respond to security threats and vulnerabilities in real-time.
Collaborate with development teams to integrate security controls and best practices into code and software development processes.
Implement and manage infrastructure and application security controls using tools like Terraform, Kubernetes, Docker, etc.
Develop and maintain security policies, standards, and procedures to ensure compliance with industry regulations and standards (e.g., PCI DSS, GDPR, HIPAA).
Perform incident response and participate in security incident investigations, including root cause analysis and resolution.
Provide guidance and support to development and operations teams on secure coding practices, security best practices, and security awareness.
Requirements:
Bachelor’s degree in Computer Science, Engineering, Information Security, or a related field (or equivalent experience).
Proven experience in DevOps or Software Development combined with a strong focus on security.
In-depth knowledge of cloud platforms (e.g., AWS, Azure, GCP) and experience with cloud security best practices.
Hands-on experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD, CircleCI) and configuration management tools (e.g., Ansible, Chef, Puppet).
Proficiency in scripting and programming languages (e.g., Python, Bash, Ruby, Java).
Experience with containerization and orchestration tools (e.g., Docker, Kubernetes) and associated security considerations.
Strong understanding of network protocols, firewall management, and application security.
Certifications such as Certified DevOps Engineer, Certified Kubernetes Administrator (CKA), Certified Information Systems Security Professional (CISSP), or similar are a plus.
Excellent communication skills and ability to collaborate effectively across teams.
#M2
#J-18808-Ljbffr