DevSecOps Engineer

Job Description

Salary:

WWCM has an opening for an experienced DevSecOps Engineer. The DevSecOps Engineer will be responsible for mission systems integration and other capabilities in the areas of sensing, effects, as well as, command, control, communications and intelligence systems, that consider cybersecurity and a host of additional mission support NextGen services.

The DevSecOps Engineer delivers working systems, complete with test cases and documentation, works under technical guidance from more senior staff to deliver infrastructure features within an established architecture in a containerized, orchestrated multi-component environment.

Responsibilities:

Day to day responsibilities include contributing to architecture, establishing, and expanding DevSecOps capabilities in conjunction with the Delivery team to improve the efficiency of the team and customer users. Candidate is responsible for delivering working systems, complete with test cases and documentation, to support a containerized, orchestrated multi-component environment. Candidate is experienced in a fast-paced environment while working under technical guidance.

Understand fundamental cloud computing concepts

Build and operate automated security operations in cloud environment

PaaS/SaaS/IaaS security evaluation and design

Develop security automation and APIs in the public cloud across the key pillars of security namely IAM, CI/CD security, security logging, incident response, data protection, compliance validation, security analytics, vulnerability management, platform, and application threat modeling, etc.

Parse through event logs/files analyzing and determining security related issues

Provide a process driven approach which ensures accuracy and consistency

Create, maintain, and update technical and architectural documentation

Demonstrate excellent communication skills and the ability to partner and collaborate with both engineers, architects, business users, and leaders on architecture and security models

Participate in other security operations duties as requested, including an on-call schedule

Skills & Requirements:

Bachelor's Degree in Networking, Computer Science, Information Security, or equivalent related work experience

3-5 years’ experience with using DevOps technology, automated configuration management, microservices orchestration, and cloud platforms

3-5 years’ experience with Docker or similar containerization, programming or scripting in a major language, years working with CI/CD techniques, and cybersecurity concepts for hardening systems and meeting compliance regimes

Proven experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity, and access management (IAM) and network security

Advanced knowledge of troubleshooting, log analysis, event correlation, and data analysis with a strong understanding of TCP/ IP and networking

Demonstrated experience and/or familiarity with tools used for security analysis (e.g., tcpdump, Wireshark, snort, ngrep, nmap, strings, hexdump, md5sum, systools)

Experience with creating automation scripts (Terraform, Python, Bash, PowerShell, Ansible, etc…)

Experience or familiarity with Firewall/NGFW deployed in a variety of form factors (Checkpoint, Cisco, Palo Alto, Azure Firewall)

Experience or familiarity with Private and public Cloud Architecture (Azure)

Provide technical services and support for the following areas, WAN connectivity, routers, firewalls, and security, cloud network infrastructure, partner interconnects

Ability to configure and troubleshoot Cloud network components, routers, switches, optical transport, and other network equipment

Ability to integrating corporate routing schemes with Cloud resident networks

Experience or familiarity with micro segmentation solution

Experience or familiarity with Load Balancing, Web Application FW, and Authentication solutions (F5, AVI, Azure)

Excellent verbal and written communication skills

Technical Qualifications:

Container technologies such as Docker, Cri-O, Containered

Kubernetes (container orchestration)

ISTIO or similar service mesh tool

Hashicorp Vault

Familiarity with JS applications (React/Redux)

Python and/or Go

Elastic-stack

Ansible

Cloud such as AWS

Systems administration

Microservice architecture and 12 factor app

Bonus Qualifications:

Active security clearance

Prior military or DOD consulting experience

Preferred security certifications: CompTIA Security+, CISSP, CCSP, CCNA Security, CCNP, GNFA, GSEC, GSE

Microsoft Azure and/or AWS certification