DevSecOps Engineer Manager with Security Clearance - Boston, MA, United States - Autonodyne

Description

DevSecOps Engineer Manager Department:
IT and

Security Location: 320 Congress Street 1st Floor Boston, MA 02210 Autonodyne is a Boston-based software company working to provide additive autonomy to unmanned vehicles in land, sea, and air domains.

Our technology stack applies mainly to the defense sector, but we view most of our work as dual use for commercial applications.

We are a rapidly growing organization with over 50 people employed today.

Our company culture balances delivering software solutions that make a difference with the relaxed office environment where dogs are welcomed.

At Autonodyne we specialize in the command and control of autonomous vehicles. Our software suite sits at the nexus of Human-Machine Interface & Autonomy Behaviors. We are searching for a DevSecOps Engineer who is passionate about unmanned systems. The ideal candidate can effectively utilize skills to design and develop DevSecOps architecture for new or existing systems. In addition to coordinating system development to include design, modeling, security, integration, and formal testing.


Responsibilities:

• Implement and evaluate information systems security programs for assigned programs in compliance with NISPOM, DCID 6/3, JAFAN 6/3, ICD 503, and JSIG RMF.
• Design, create, and modify software development environments that meet government requirements for managing and processing IL4 and above data.
• Create and maintain development CI/CD pipelines within a software development environment with tools such as (Gitlab, Jira, Confluence, Jenkins, Fortify, etc.)
• Design, develop, and recommend integrated security solutions for multiple classified information systems.
• Provide systems engineering and integration support for the integration of newly developed capabilities targeted for the Test, Staging, and Operational environments;
• Designs, develops, automates, and maintains productivity tools using programming, database, or scripting languages to improve software modeling and development;
• Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM).
• Facilitate the development, documentation, and presentation of information system security education, awareness, and training activities for users and others, as appropriate.
• Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
• Provide methods to automatically deploy existing or newly identified services, COTS and GOTS products, custom code, and software developed by the Government to provide an overall solution that meets program and product owner objectives
• Conduct reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional

Minimum Qualifications:

• Knowledge of Risk Management Framework (RMF) and the implementation across multiple phases of large programs.
• A comprehension of security standards and frameworks, rules, and regulations, and system trust principles, such as FedRAMP, FIPS, NIST SP 800 Series, JSIG, OWASP, and CSA Star.
• Security+ CE, SSCP, CCNA-Security,CySA+**,GICSP, CND, SSCP or GSEC
• Prior Dev Ops experience
• Experience with proprietary and opensource applications and database services;
• U.S. Citizenship Required;
• Possess at minimum active Secret security clearance, TS preferred;
• Possess a minimum of a DoD 8570 IAM Level-III Certification (i.e. CISSP, CISM, GSLC).
• Strong analytical and problem-solving skills -communicates clearly and effectively evaluates information/data to make decisions, anticipates obstacles and develops plans to resolve, and creates actionable strategies and operational plans.
• Change-oriented - actively generates process improvements, drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities, and executes accordingly

Education and Experience:

• Bachelor's degree from an accredited college in a related field with 5 years of professional experience; or 3 years required with a related Master's degree.
• Prior Dev Ops experience, minimum 3+ years of experience.
• Experience with assessment and authorization requirements, as outlined in US government IS and security-related policies, including the 32 CFR Part NISPOM, DAAPM, RMF, ICD 503, JSIG, and NIST RMF and STIG.
• Prior experience with the system authorization process, associated artifacts and their requirements (e.g., SSP, SCTM, Security CONOPs, SOPs).

Security Clearance Statement:

• This position requires a government security clearance; you must be a US Citizen for consideration

Clearance Level:

• Active Secret Security Clearance, TS preferred Travel: This position will likely involve travel to customer and non-customer sites principally in North America (up to 10%) but global travel is also possible

Other Criteria:

Strongly prefer domicile near the Boston/Cambridge metro area but will consider non-local domicile – relocation to Boston area part of compensation package, if necessary.

Security clearance (active or previous) or the ability to be granted one desired.

In accordance with DFARS and EO 14042, all Autonodyne employees must be fully vaccinated against COVID-19 prior to start date, unless the employee is legally entitled to an accommodation.

Equal Opportunity/Affirmative Action Employer:
Autonodyne provides equal employment opportunity for all applicants and employees.

We do not unlawfully discriminate on the basis of race, color, religion, ancestry, genetic information, national origin, gender, age, marital status, sexual orientation, veteran status, family care status, pregnancy, childbirth or related medical conditions, physical or mental disability, medical condition, or with respect to any other protected class.

Job Type:
Full-time Pay: $110, $160,000.00 per year