General Dynamics Information Technology
DevSecOps Engineer/Configuration Manager - (TS/SCI REQUIRED)
General Dynamics Information Technology, Washington, District of Columbia, us, 20022
Type of Requisition:
RegularClearance Level Must Currently Possess:
Top Secret/SCIClearance Level Must Be Able to Obtain:
Top Secret/SCISuitability:
DHS EODPublic Trust/Other Required:Job Family:
CloudJob Qualifications:Skills:
Cloud DevOps, Cloud Software, Cybersecurity, DevSecOpsCertifications:Experience:
5 + years of related experienceUS Citizenship Required:
YesJob Description:Seeking a DevSecOps engineering professional to help identify critical data flows between microservices and find vulnerabilities within a cloud environment for a large government agency. The DevSecOps engineer will assist with end-to-end technical planning, implementation, deployment, security, operation and enhancement of complex systems. Position requires a strong background in cybersecurity software, threat modelling and risk assessments to detect and analyze threats.Duties:Stay current with the latest application security knowledge and security trends to continuously improve internal processes;Instill and foster adoption of DevSecOps practices through productive engagement with the engineering teams;Assist in the development of security operations for monitoring, testing, auditing, and regulatory compliance;Identify security threats by conducting continual monitoring, penetration testing, vulnerability assessments, and audit log analysis;Build, maintain and communicate the overall security integrity of the cloud environments;Remediate identified vulnerabilities;Conduct internal security audits and execute remediation plans;Protect assets spanning across infrastructure, platform, CI/CD pipelines and applications;Deploy and administer security monitoring tools for the SecOps team, and perform frequent risk assessments;Collaborate with engineers to build a continuous delivery environment that will support the technical needs of our roadmap;Conduct incident response activities ranging from containment to remediation and lessons learned;Design and implement mechanisms that efficiently identify and mitigate security risks within the existing DevOps workstreams;Work with development teams to improve the secure software development lifecycle.Skills and Experience:Experience working in defense or intelligence community Cloud environments, including AWS GovCloud and C2SKnowledge of the DevOps principles and knowledge of automation software commonly used on DevOps projects.An understanding of programming languages such as Python, Java, Ruby, Perl, and PHP.Knowledge of AWS, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management.Broad understanding of security control techniques and application in a traditional IT environment and cloud-based systems;Ability to assess and analyze a wide range of information to draw conclusions on improvements to the security of systems.Understanding of security considerations around RESTful APIs.Strong teamwork and communication skills.Knowledge of threat modelling and risk assessment techniques.Current knowledge of cybersecurity threats, current best practices and latest software.Experience as an IT security professional.Degree in computer science, cybersecurity, math, engineering or science.Practical industry standard certification, such as that offered by Microsoft, CompTIA, Cisco or Certified Ethical Hacker (CEH).Accredited DevOps qualifications or DevSecOps Engineering (DSOE) qualifications.Preferred:4-6 years of overall experience, to include a minimum of 3 years of enterprise understanding of the methods of technical attack and how these can be detected in a digital environment.Able to communicate technical issues to technical and non-technical audiences.Ability to multi-task on multiple projects in a fast-paced environment; able to manage project tasks, scope change, and schedules to keep projects on-track.Relevant hands-on and implementation experience in software development, network security, recognizing the security threats, and configuring the network infrastructure.Knowledge of the implementation of risk assessment techniques and the latest security best practices.Scheduled Weekly Hours:
40Travel Required:
NoneTelecommuting Options:
HybridWork Location:
USA DC WashingtonAdditional Work Locations:We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
#J-18808-Ljbffr
RegularClearance Level Must Currently Possess:
Top Secret/SCIClearance Level Must Be Able to Obtain:
Top Secret/SCISuitability:
DHS EODPublic Trust/Other Required:Job Family:
CloudJob Qualifications:Skills:
Cloud DevOps, Cloud Software, Cybersecurity, DevSecOpsCertifications:Experience:
5 + years of related experienceUS Citizenship Required:
YesJob Description:Seeking a DevSecOps engineering professional to help identify critical data flows between microservices and find vulnerabilities within a cloud environment for a large government agency. The DevSecOps engineer will assist with end-to-end technical planning, implementation, deployment, security, operation and enhancement of complex systems. Position requires a strong background in cybersecurity software, threat modelling and risk assessments to detect and analyze threats.Duties:Stay current with the latest application security knowledge and security trends to continuously improve internal processes;Instill and foster adoption of DevSecOps practices through productive engagement with the engineering teams;Assist in the development of security operations for monitoring, testing, auditing, and regulatory compliance;Identify security threats by conducting continual monitoring, penetration testing, vulnerability assessments, and audit log analysis;Build, maintain and communicate the overall security integrity of the cloud environments;Remediate identified vulnerabilities;Conduct internal security audits and execute remediation plans;Protect assets spanning across infrastructure, platform, CI/CD pipelines and applications;Deploy and administer security monitoring tools for the SecOps team, and perform frequent risk assessments;Collaborate with engineers to build a continuous delivery environment that will support the technical needs of our roadmap;Conduct incident response activities ranging from containment to remediation and lessons learned;Design and implement mechanisms that efficiently identify and mitigate security risks within the existing DevOps workstreams;Work with development teams to improve the secure software development lifecycle.Skills and Experience:Experience working in defense or intelligence community Cloud environments, including AWS GovCloud and C2SKnowledge of the DevOps principles and knowledge of automation software commonly used on DevOps projects.An understanding of programming languages such as Python, Java, Ruby, Perl, and PHP.Knowledge of AWS, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management.Broad understanding of security control techniques and application in a traditional IT environment and cloud-based systems;Ability to assess and analyze a wide range of information to draw conclusions on improvements to the security of systems.Understanding of security considerations around RESTful APIs.Strong teamwork and communication skills.Knowledge of threat modelling and risk assessment techniques.Current knowledge of cybersecurity threats, current best practices and latest software.Experience as an IT security professional.Degree in computer science, cybersecurity, math, engineering or science.Practical industry standard certification, such as that offered by Microsoft, CompTIA, Cisco or Certified Ethical Hacker (CEH).Accredited DevOps qualifications or DevSecOps Engineering (DSOE) qualifications.Preferred:4-6 years of overall experience, to include a minimum of 3 years of enterprise understanding of the methods of technical attack and how these can be detected in a digital environment.Able to communicate technical issues to technical and non-technical audiences.Ability to multi-task on multiple projects in a fast-paced environment; able to manage project tasks, scope change, and schedules to keep projects on-track.Relevant hands-on and implementation experience in software development, network security, recognizing the security threats, and configuring the network infrastructure.Knowledge of the implementation of risk assessment techniques and the latest security best practices.Scheduled Weekly Hours:
40Travel Required:
NoneTelecommuting Options:
HybridWork Location:
USA DC WashingtonAdditional Work Locations:We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
#J-18808-Ljbffr