- Maintain Azure DevOps pool agent servers.
- Monitor and coordinate security findings.
- Manage the program testing processes and testing activities of the security program.
- Manage the resolution of open issues and communicate essential information to stakeholders.
- Administer applications and users and field troubleshooting questions for users and other stakeholders.
- Analyze internal security and provide relevant information to internal and external stakeholders.
- Analyze all platform level system changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards.
- Work with Project teams to review vulnerabilities and manage the resolution of vulnerabilities.
- Support the creation and maintenance of program documentation including Standard Operating Procedures, Test Plans, Reference Guides, Troubleshooting Guides, Training Guides, etc.
- Strong understanding of DevSecOps tools and processes, as well as OWASP top risks and mitigations.
- Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools.
- Previous work writing/developing CI/CD pipelines using YAML, maintaining/configuring build agents, and generating documentation and statements of procedures for these processes.
- Experience integrating static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and other application security tools (i.e., IaC scanning, container security, etc.) into CI/CD pipelines to automate security testing.
- Examples include Fortify SCA, Fortify WebInspect, Sonatype, Checkov, Owasp ZAP, Burp Suite, etc.
- Knowledge of NIST's Secure Software Development Framework and how code scanning tools align.
- Ability to troubleshoot, via log analysis, both frequent and infrequent technical issues related to CI/CD pipeline run errors.
- Programming/scripting experience in Python/PowerShell to design and implement automation to streamline processes.
- Solid understanding of other core programming languages such as C#/.NET, Java, , PHP, etc. to aid in troubleshooting of customer CI/CD pipelines.
- Experience reviewing and validating outputs of code scans to assist customers in identify true positives and provide appropriate remediation guidance.
- Active DOD Secret Clearance
-
Security Engineer
3 weeks ago
ARK Solutions, Inc. Washington, United StatesCLIENT: Federal · Position : Security Engineer/ Splunk Engineer · 6 months Contract · Washington, DC (Onsite) · Education: Bachelor's degree in in Cybersecurity or related field. · Required Skills: "Five (5) to seven (7) years of hands-on experience with security monitoring tool ...
-
Security Engineer
3 weeks ago
Global InfoTek Washington, United StatesClearance Level: Top Secret clearance with SCI eligibility · US Citizenship: Required · Job Classification: Full-time · Location: District of Columbia · Experience: 5 years of experience in system security analysis and implementation; secure system engineering or design; and ...
-
Security Engineer
3 weeks ago
Verotis Washington, United StatesVerotis is seeking an experienced Security Engineer to support security operations, strategy, planning, architecture, vulnerability assessments and remediation, and coordination with various government security entities. This includes the documentation of security strategy, plann ...
-
Cloud Security Engineer
1 week ago
Constellation West Washington, United StatesConstellation West is seeking a highly motivated Cloud Engineer to join our team in pursuing a contract with the USDA. This presents a distinctive chance for an experienced Federal Government contractor with CCSP and AZ-900 certifications to contribute to the writing and speak on ...
-
Sr Security Engineer
3 weeks ago
Gridiron IT Washington, United StatesGridIron IT is seeking a · Security Engineer local · to · Washington DC. · Onsite 2/3 days a week in Washington, DC. DOJ Public Trust requirement- If the candidate does not have one, must be eligible to clear. TS or Secret can qualify for reciprocity. Veteran is a plus (not a ...
-
Product Security Engineer
3 weeks ago
CoStar Realty Information, Inc. Washington, United StatesProduct Security Engineer - Web Applications · Job Description · Overview · CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoS ...
-
System Security Engineer
1 week ago
Nationwide IT Services, Inc. Washington, United StatesSystem Security Engineer Washington, DC Apply Now · System Security Engineer · Active Top Secret/SCI eligible Clearance Required DOE Clearable · Washington DC · Position Overview: · Nationwide IT Services is seeking a Physical Security Specialist to support our Federal Client in ...
-
Senior Application Security Engineer
4 days ago
Dexian Washington, United StatesPosition: Senior Application Security Engineer · Location: Washington DC (Hybrid) · Job Type: 3 months contract - Possible extension · Job description: · Role: Senior Application Security Engineer · Client seeks a skilled professional to assist with Application Security Engine ...
-
Cloud Security Engineer
1 week ago
Koniag Government Services Washington, United StatesATS · Job ID · Arlluk Technology Solutions , a Koniag Government Services company, is seeking an experienced · Cloud Security Engineer · with a TS/SCI clearance to support · ATS · and our government customer in Washington, DC. · We offer competitive compensation and an ext ...
-
Software Security Engineer
4 days ago
ClearFocus Technologies Washington, United StatesClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA.We specialize in cybersecurity and support multiple government and commercial clients for a variety · of missions. We value our clients, integrity and employees and believe a single person can make ...
-
Cloud Security Engineer
4 days ago
Constellation West Washington, United StatesConstellation West is seeking a highly motivated Cloud Engineer to join our team in pursuing a contract with the USDA. This presents a distinctive chance for an experienced Federal Government contractor with CCSP and AZ-900 certifications to contribute to the writing and speak on ...
-
Sr. Security Engineer
3 weeks ago
Funko Washington, United StatesFunko Overview · Welcome to the Funko-verse, a world built on pure imagination, a land governed by the philosophy that stories matter, a universe comprised of characters from countless fandoms, a galaxy of once upon a times and happily ever afters. · But what does Funko do? · Fun ...
-
Security Engineer Senior
3 weeks ago
SAIC Washington, United States· SAIC seeks a Senior Security Engineer to supporting the Department of Transportation's Cybersecurity mission by joining a dedicated team of cybersecurity professionals who collaborate, cooperate, and facilitate maintaining and enhancing the security posture of DOT information ...
-
Cyber Security Engineering
3 weeks ago
Bering Straits Native Corporation (BSNC) Washington, United StatesOverview: · Visit our website at to apply · Equal Opportunity Employer/Veterans/Disabled · SUMMARY · Bering Global Solutions (BGS) a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Cyber Security Engineer (SIEM/SOAR) for Washington D.C. · ...
-
Security Operations Engineer
1 week ago
Abacus Washington, United StatesCandidates Request Form · 1 · Job Title · Security Operations Engineer · 2 · Client Company/Dept. Name · Congressional Budget Office · 3 · Address · FHOB, 2nd & D Streets SW · Washington, DC 20515 · City Name · DC · State Name · WA-Washington · Zip Code · If others ...
-
Cloud Security Engineer
3 weeks ago
ECS Limited Washington, United StatesECS is seeking a Cloud Security Engineer - Mid to work in our Washington, DC office. · Job Description: · Identify security issues and risks, develop mitigation plans; architect, design, implement, support, and evaluate security focused tools and services · Develop and interpret ...
-
Network Security Engineer
1 week ago
ECS Limited Washington, United StatesECS is seeking a · Network Security Engineer · to work in our · Washington, DC · office. · Please Note: · This position is contingent upon contract award. · Job Description: · Day-to-day triage, investigation, and mitigation of security threats, network incidents as well ...
-
Security Engineer II
2 weeks ago
Agile Defense Washington, United StatesAgile Defense provides leading-edge Digital Transformation solutions to support and advance our customers' mission. We deliver innovative and high-quality services to our customers worldwide through an empowered and engaged workforce. · Job Title: · Security Engineer II · Locati ...
-
Network Security Engineer
3 weeks ago
Infojini Washington, United StatesJob Title - Network Security Engineer · Contract - 12+ Months Contract with Possible Extension · Location - Washington, DC · REMOTE ROLE (Need to visit for occasional meetings) · Required skill set must include: · 7+ years experience in firewall and network administration (emphas ...
-
Intermediate Security Engineer
1 week ago
Chenega MIOS SBU Washington, United StatesReq ID:31178 · Summary · Intermediate Security Engineer (Cloud/DevSecOps) · Hybrid Schedule: In person, in the Washington, DC office twice a pay period. · Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a ca ...
Cyber Security Engineer - Washington, United States - Kalani Consulting
Description
Cyber Security EngineerKalani Consulting Inc recently awarded Best and Brightest Companies to Work for in The Nation for the second year in a row and Washington Post's Top Workplaces of 2023 is looking to add more talent to our team Kalani is a fast-growing small business located in Northern Virginia with an increasing base of government customers. We specialize in Information Technology, and Management Consulting. We offer very competitive salaries and benefits and are an employee-focused company. Join us and experience the Aloha Spirit
Overview:
This individual will serve as the Senior Information Systems Security Engineer and Senior Technical Consultant for the Department of State DevOps team, Solution Architecture team and Application Vulnerability Assessment Program. Responsibilities include developing pipelines. Must be able to configure, implement and administer Fortify Static Code Analyzer, Web Inspect, OWASP and SonaType into the Azure DevOps pipeline and provide hands-on technical subject matter expertise for applications using the application scanning tools.
Responsibilities: