DevSecOps Engineer, Beacon Hill, Hyattsville, MD
Beacon Hill -
Hyattsville, MD,
US
DevSecOps Engineer
Date Posted: 2024-06-11
Job description
To Apply for this Job Click Here
What you will do:
Docker, Kubernetes, Terraform, Gitlab, Jenkins, PostgreSQL, AWS, Azure, NPM, JSON, JSON Schema, Markdown, RxJS, HTML, CSS, Git, GitHub, and Unix/Linux.
1378507_171#######
To Apply for this Job Click Here
What you will do:
- Support design, implementation, and maintenance of security controls and processes across the SDLC, including code scanning, vulnerability assessment, and security testing.
- Create, develop, and implement automation and system integration for various build platforms.
- Create plug-and-play/reusable solutions and patterns for CICD pipelines, and build or maintain CICD building blocks and shared libraries proactively for development and deployment efficiency
- Publish and disseminate DevSecOps best practices, patterns, and solutions
- Monitor and respond to security incidents, conducting root cause analysis and implementing corrective actions to prevent future occurrences.
- Design action plans to address CICD platform/tools/solutions' shortcomings and difficulties
- Working closely with Cloud Infrastructure and Security teams to ensure organizational best practices are followed
- Perform performance analysis and optimization, monitoring and problem resolution, upgrade planning and execution, and process creation and documentation.
- Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL)
- Can function in project leadership roles and represent as the prime customer contact on significant technical matters
- Ten (10) years in engineering, computer science, or related field
- Five (5) years of hands-on experience supporting DevSecOps to build and automated software development processes.
- Extensive knowledge of institutionalizing Agile and DevSecOps toolkits not limited to but including: Ansible, Jenkins, GitLab, Artifactory, Jira, Terraform, Version Control Software, or comparable technologies.
- Familiarity with information security frameworks and standards (SAST, DAST, IAST, RASP)
- Familiarity with Threat modeling, Static Analysis Tools, and Risk Assessment Techniques
- Strong understanding of cloud computing platforms (e.g., AWS, Azure, GCP) and experience with cloud security best practices.
- Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, dynamic environment.
- Hands on source code management tools like Git.
Docker, Kubernetes, Terraform, Gitlab, Jenkins, PostgreSQL, AWS, Azure, NPM, JSON, JSON Schema, Markdown, RxJS, HTML, CSS, Git, GitHub, and Unix/Linux.
1378507_171#######
To Apply for this Job Click Here