- Infrastructure as Code (IaC): Develop and maintain automation for provisioning and updating the S3C stack and Kubernetes based deployments.
- Security Automation: Develop and maintain automated security testing processes, including static code analysis, static application security testing (SAST), software composition analysis (SCA), and security scanning for containers and infrastructure.
- CI/CD Pipeline Security: Integrate security checks at various stages of the CI/CD pipelines to ensure that security assessments are performed automatically during code build, testing, and deployment.
- Infrastructure Security: Implement security controls and best practices for cloud infrastructure, virtual machines, and container environments to safeguard against unauthorized access and data breaches in the S3C.
- Vulnerability Management: Identify, prioritize, and remediate security vulnerabilities across the development and testing environments. This includes coordinating with developers and operations teams to address critical issues promptly.
- Security Compliance: Work with our internal Cyber/Compliance/SECOPs groups to ensure that software and infrastructure meet relevant security compliance standards and regulations, such as DISA STIGs.
- Identity and Access Management (IAM): Manage access controls and permissions for users and applications, employing principles like least privilege and role-based access control (RBAC).
- Collaboration and Communication: Work closely with development, security, and operations teams to foster a culture of collaboration and shared responsibility for security.
- Continuous Improvement: Continuously evaluate and enhance our DevSecOps practices, tools, and processes to adapt to evolving security threats and industry best practices.
- Minimum 5 years' experience in DevOps/DevSecOps or full stack software development and test
- B.S. in a software engineering field
- Experience with containerization technologies like podman and Docker
- Experience with virtualization (hypervisor) environments such as VMware
- Experience with Linux and Windows
- Experience in software development processes, version control systems (e.g., Git), and have experience in coding and scripting languages such as Python, Ruby, JavaScript, Shell scripting, etc.
- Experience working with software development tools such as Jenkins, Maven, Gradle, Nexus, etc.
- Working knowledge of Dev[Sec]Ops and CI/CD practices
- Familiarity with Infrastructure as Code (IaC) and automation tools such as Ansible or Puppet
- Familiarity with various security concepts, vulnerabilities, and best practices
- Ability to travel approximately 10%
- Experience in DevSecOps and CI/CD
- Experience with Infrastructure as Code (IaC) and automation software such as Ansible or Puppet
- Experience with security testing tools such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), SCA (Software Composition Analysis), and other vulnerability scanning tools
- Familiarity with container orchestration platforms like Kubernetes
- Familiarity with common security threats and how to mitigate them, as well as be familiar with security frameworks and standards like OWASP and NIST
- Familiarity with industry-specific security compliance standards and regulations, such as DISA.
- Familiarity with network security concepts, firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS)
- Knowledge of authentication mechanisms (e.g., OAuth, SAML) and authorization protocols (e.g., RBAC, ABAC).
- Excellent communication skills and the ability to work effectively in a collaborative, fast-paced, and mission-driven environment
- Excellent problem-solving skills and the ability to think critically about security risks
- A willingness to adapt to new technologies and stay up to date with the latest security trends and best practices
- Be capable of working independently, but thrive in a team environment
-
DevSecOps Engineer
3 weeks ago
Latitude, Inc. Arlington, United StatesJob Description · Job DescriptionWe are seeking a talented and motivated DevSecOps Engineer to join our growing team. As a DevSecOps Engineer, you will be responsible for developing and implementing secure software solutions and maintaining the security of our infrastructure. You ...
-
DevSecOps Engineer
3 weeks ago
540 Arlington, United StatesJob Description · Job Description · 540 is looking for a DevSecOps Engineer to build capabilities powered by Apigee and Google Cloud. · Location : Arlington, VA (remote flexibility, but must be located in the DMV region) · Citizenship & Clearance Requirement : per client requir ...
-
DevSecOps Engineer
3 weeks ago
540 Arlington, United StatesJob Description · Job Description540 is looking for a DevSecOps Engineer to help our government customers migrate their workloads into Google Cloud Platform (GCP). As a member of the team, you will work to lay the foundations for dozens of customers each year. This will include w ...
-
DevSecOps Engineer
6 days ago
CoStar Group Washington, United States Full timeResponsibilities · Features (responsibilities and goals) of our product platform security suite: (AKA - what you will be building and evolving along a rockstar team that learns from and pushes each other to do great things) · Real-time vulnerability feedback in the IDE for insecu ...
-
DevSecOps Engineer
3 weeks ago
Latitude, Inc. Washington, United StatesJob Description · Job DescriptionGrowing government contractor company looking to hire Sr. DevSecOps Engineer. Due to legal contract and the position requiring a security clearance only US Citizens can be considered for the position. · The DevSecOps Engineer SME will support and ...
-
DevSecOps Engineer
3 weeks ago
RP Pro Services Washington, United StatesJob Description · Job DescriptionRP Professional Services, LLC (RP) is a rapidly growing government consulting firm headquartered in Ashburn, Virginia. We're an 8(a), Service-Disabled Veteran-Owned Small Business (SDVOSB) that exclusively enables the missions of U.S. Federal agen ...
-
DevSecOps Engineer
3 weeks ago
Mount Indie Washington, United StatesJob Description · Job DescriptionMount Indie is in search of aSr.DevSecOps Engineer to design, implement, and maintain secure and efficient CI/CD pipelines. · Responsibilities: · Work across development, operations, and security teams to integrate security practices into the SDLC ...
-
DevSecOps Engineer
3 weeks ago
HarmonyTech Washington, United StatesJob Description · Job DescriptionHarmonyTech is seeking an experienced DevSecOps Engineer to support our client in the Federal financial regulatory environment. The DevSecOps Engineer will be responsible for the deployment and release management processes, setup of continuous int ...
-
DevSecOps Engineer
3 weeks ago
T-Rex Solutions Washington, United StatesJob Description · Job DescriptionT-Rex Solutions is looking to select a DevSecOps Engineer to support the US Department of the Treasury TCloud enterprise cloud development effort. This effort aims to facilitate holistic multi-cloud solutions to meet the Department of Treasury's e ...
-
Sr. DevSecOps Engineer
3 weeks ago
Development InfoStructure Arlington, United StatesJob Description · Job DescriptionDevelopment InfoStructure LLC., (DEVIS) provides exceptional DevSecOps integration in our agile software development and embedded software solutions, combined with comprehensive IT management and consulting services to our federal, state, and loca ...
-
Mid DevSecOps Engineer
1 week ago
Development InfoStructure Arlington, United StatesDevelopment InfoStructure LLC., (DEVIS) provides exceptional DevSecOps integration in our agile software development and embedded software solutions, combined with comprehensive IT management and consulting services to our federal, state, and local governments. The outcomes of ou ...
-
DevSecOps Engineer
3 weeks ago
Innovative Defense Technologies Arlington, United StatesBackground Information: · Innovative Defense Technologies · (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems for the US Department of Defense (DOD) and commercial customers, is seeking a · DevSecOps ...
-
Mid DevSecOps Engineer
3 weeks ago
Development InfoStructure Arlington, United StatesJob Description · Job DescriptionDevelopment InfoStructure LLC., (DEVIS) provides exceptional DevSecOps integration in our agile software development and embedded software solutions, combined with comprehensive IT management and consulting services to our federal, state, and loca ...
-
DevSecOps Engineer
2 weeks ago
540 Arlington, United StatesJob Description · Job Description540 is looking for a DevSecOps Engineer to build capabilities powered by Apigee and Google Cloud. · Location: Arlington, VA (remote flexibility, but must be located in the DMV region) · Citizenship & Clearance Requirement: per client requirements ...
-
Senior DevSecOps Engineer
4 weeks ago
Copper River Management Company Washington, United StatesCopper River Cyber Solutions is seeking a Senior DevSecOps Engineerto join our team in support of a new contract at the Department of Health and Human Services Administration for Strategic Preparedness and Responsiveness. This position will be performed remotely with the occasion ...
-
Lead DevSecOps Engineer
3 weeks ago
Zivaro Inc Washington, United StatesJob Description · Job Description**This position is primarily remote, with 1- up to 3 days per week in office when needed; This position requires a TS/SCI security clearance, and in office work can be done in Washington DC, Pentagon, Fairfax VA, Herndon VA, or Warrenton VA · This ...
-
Sr. DevSecOps Engineer
19 hours ago
Alliance of Professionals & Consultants Inc Washington, United StatesAre you an experienced Sr. DevSecOps Engineer? If so, let's talk · #LI-JN1 · Our client is actively seeking a talented Sr. DevSecOps Engineer. The position is 100% remote. This is a 1-year contract opportunity with the possibility for extension. · Candidate must be U.S. Citizen a ...
-
Senior DevSecOps Engineer
3 weeks ago
Mount Indie Washington, United StatesJob Description · Job DescriptionMount Indie is in search of aSr.DevSecOps Engineer to design, implement, and maintain secure and efficient CI/CD pipelines. · Responsibilities: · Work across development, operations, and security teams to integrate security practices into the SDL ...
-
Azure DevSecOps Engineer
2 weeks ago
T-Rex Solutions Washington, United StatesJob Description · Job DescriptionT-Rex Solutions is looking to select an Azure DevSecOps Engineer to support the US Department of the Treasury TCloud enterprise cloud development effort. This effort aims to facilitate holistic multi-cloud solutions to meet the Department of Treas ...
-
Azure DevSecOps Engineer
4 weeks ago
T-Rex Solutions Washington, United StatesJob Description · Job DescriptionT-Rex Solutions is looking to select an Azure DevSecOps Engineer to support the US Department of the Treasury TCloud enterprise cloud development effort. This effort aims to facilitate holistic multi-cloud solutions to meet the Department of Treas ...
DevSecOps Engineer - Arlington, United States - Innovative Defense Technologies
Description
Background Information:
Innovative Defense Technologies (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems for the US Department of Defense (DOD) and commercial customers, is seeking a DevSecOps Engineer to be based in our Arlington, VA office. This individual will work with senior leadership and a fast-paced team of mission-focused engineers to solve some of our customer's toughest challenges. Initiative, creativity, reliability, and efficient teamwork will be required to successfully deliver innovative solutions in this dynamic customer space.
Overview:
At IDT, we are committed to delivering cutting-edge defense solutions that protect and empower our nation's security. As a leading provider of advanced technologies, we strive to stay ahead in an ever-changing landscape. We are seeking a skilled and driven DevSecOps (Development, Security, and Operations) Engineer to join our dynamic team and ensure the highest level of security and efficiency in our software products' development and deployment processes.
This job requires a unique blend of skills from development, security, and operations domains. The successful candidate will contribute to building a high-quality and innovative Secured Software Supply Chain (S3C) that provides IDT engineering teams with the tools and environments that foster innovation for our customers by reducing the friction in building and testing our software products and enabling feedback throughout the software development life cycle.
As a member of the IDT DevSecOps team, you will engage in various tasks throughout the year. Objective Key Results (OKRs) are planned out for the year, with the focus being on improving areas like stability of the S3C and reducing/removing constraints for engineers in producing secure, quality products. Ad-hoc tasks come in ranging from a need to shift OKR priorities due to critical business needs, to recovering from a server power failure. All DevSecOps teammates contribute to the overarching goals while bringing specific areas of expertise to the team.
All applicants must currently possess an active U.S. Security Clearance.
Responsibilities Include:
IDT is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, protected Veteran status, or any other basis protected by federal, state, or local law.
