Arctic Slope Regional Corporation - Reston, VA
posted 2 months ago
Full-time - Mid Level
Remote - Reston, VA
Support Activities for Mining
About the position
ASRC Federal is seeking an experienced DevSecOps Engineer to support a new government program aimed at enhancing Zero Trust (ZT) operational capabilities. The role involves assessing the maturity of the DevSecOps environment, advising on roadmaps for optimal ZT maturity, and collaborating with security and product teams. The ideal candidate will have prior Federal agency experience and expertise in CI/CD configuration.
Responsibilities
- Ensures that the development and deployment pipelines are secure, automated, and efficient.
- Responsible for designing, advising, and training software development teams on automation and integration activities necessary for DevSecOps workflows.
- Create and maintain technical documentation.
- Solution design, development, integration, and testing.
- Apply experience and advanced knowledge of software development security principles to improve ZT maturity.
- Understand the current state of applications, including existing environments and technical restrictions with legacy code.
- Develop, integrate, and implement solutions to diverse, complex problems.
- Define, plan, and organize assigned resources to accomplish organizational objectives.
Requirements
- Must be a US Citizen able to obtain an agency-specific suitability/public trust clearance prior to starting.
- Bachelor's degree in computer science, electronics engineering, engineering, or another technical discipline.
- Minimum of 8 years' experience.
- Fluency in one or more of the following programming languages: Java, C#, Python, Go.
- 5 years minimum experience implementing automated workflows in CI/CD, DevOps, or DevSecOps environments.
- 5 years minimum experience using tools that enable automated workflows, such as Jenkins, GitLab, TFS, Bitbucket, Git, etc.
- 5 years minimum experience with containers and container technologies such as Docker, Podman, Kubernetes, etc.
- Experience in designing, advising, and training software development teams in automation and integration activities required for DevSecOps workflows.
- Experience with scripting languages.
- 4 years minimum experience implementing automation throughout the Software Development Life Cycle for DevSecOps pipelines.
- Knowledge of assessing the capability of existing DevSecOps pipelines and designing improvements.
- Experience working in an Agile Framework environment.
- Knowledge of DoD security requirements and compliance.
Nice-to-haves
- Cloud experience specifically, AWS, Google, or Azure.
- Proficiency in AWS Cloud administration and AWS services.
- Proficiency in managing EC2 servers, AMIs, restores, and backups.
- Proficiency in configuring and monitoring AWS CloudWatch for resource metrics, logs, and alarms.
- Knowledge of AWS Security Hub for centralized security findings and compliance checks.
- Proficiency in managing AWS storage services (e.g., S3, EBS, EFS).
- Familiarity with AWS Detective for threat detection and investigation.
- Experience with AWS Backup for automated backups and retention policies.
- Experience with AWS Systems Manager for patch management, automation, and compliance.
- AWS or other applicable Technical Certification.
Benefits
- Comprehensive insurance packages including medical, dental, vision, life insurance, and short term/long term disability.
- 401K with generous company match and immediate vesting.
- 11 paid holidays.
- Professional development program including funds for degrees, certifications, and continuing education classes.
