Security Engineer - Reston, United States - Amivero
Description
Job TypeFull-timeDescriptionThe Amivero TeamAmivero's team of IT professionals delivers digital services that elevate the federal government, whether national security or improved government services.
Our human-centered, data-driven approach is focused on truly understanding the environment and the challenge, and reimagining with our customer how outcomes can be achieved.
Our team of technologists leverage modern, agile methods to design and develop equitable, accessible, and innovative data and software services that impact hundreds of millions of people.
As a member of the Amivero team you will use your empathy for a customer's situation, your passion for service, your energy for solutioning, and your bias towards action to bring modernization to very important, mission-critical, and public service government IT systems.
Special RequirementsUS Citizenship Required to obtain Public TrustBachelor Degree + 10years of experienceExperience with Compliance as CodeThe Gist...We are seeking a skilled and motivated Security Professional specializing in Compliance as Code to join our dynamic team.
The ideal candidate will be responsible for ensuring the organization's adherence to security policies, regulatory requirements, and risk management frameworks (RMF) through the implementation of innovative compliance as code solutions and the use of cutting-edge technical tools.
This role requires a deep understanding of security compliance standards, strong coding skills, and the ability to integrate security measures seamlessly into our software development lifecycle.
What Your Day Might Include...Compliance as Code Development:
Spearhead the creation and maintenance of compliance as code solutions to automate security controls and policy enforcement within our development and deployment pipelines.
Automation Frameworks:
Utilize automation frameworks to streamline compliance processes, minimizing manual efforts, and ensuring consistent application of security controls across our technology stack.
Security Tool Implementation:
Evaluate, implement, and manage security tools that support compliance automation, such as static/dynamic code analysis, vulnerability scanners, and configuration management tools.
Collaborative DevSecOps Practices:
Work collaboratively with development and operations teams to foster a DevSecOps culture, where security is seamlessly woven into the fabric of the development lifecycle.
Compliance Documentation and Reporting:
Oversee the documentation of compliance as code artifacts and maintain version control to ensure transparency and traceability.
Generate reports and metrics on compliance status, contributing to continuous improvement efforts.
RequirementsYou'll Bring These Qualifications...US Citizenship Required to obtain Public TrustBachelor's degree in Computer Science, Information Technology, or a related field.
+ 10 years of relevant experienceProven experience in developing and implementing compliance as code solutions.In-depth knowledge of compliance frameworks (e.g., NIST, ISO) and hands-on experience with automation frameworks.
Proficiency in scripting and coding languages (e.g., Python, PowerShell) for automation purposes.
Familiarity with Infrastructure as Code (IaC) tools and practices.
EOE/M/F/VET/DISABLEDAll qualified applicants will receive consideration without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.
Amivero complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
#J-18808-Ljbffr