DevSecOps Engineer

KBR - Chantilly, VA

posted about 2 months ago

Full-time
Chantilly, VA
Professional, Scientific, and Technical Services

About the position

KBR is seeking a highly motivated Development Security Operations Engineer (DevSecOps) to join our team. The successful candidate will incorporate a range of software and analytical tools to support execution of workflows supporting Commercial Cloud Services (C2S). The candidate will develop methods to incorporate large intelligence collection data that supports collection assessments and analysis. This role requires working as part of an integrated team in direct support of the US Government customer, FFRDC, and other SETA team members in a professional work environment. The DevSecOps Engineer will be responsible for implementing and automating cloud-based security controls, governance processes, and compliance validation, ensuring that application accreditation is supported with requisite design and documentation. The engineer will design, manage, and maintain a stable and efficient infrastructure to optimize service delivery across production, test, and development environments in the cloud throughout the development lifecycle. This includes implementing security scanning and vulnerability management processes, managing and optimizing GitHub repositories and workflows, and collaborating with software development and operations teams to integrate security practices. Troubleshooting and resolving issues related to pipeline automation and security will also be a key part of the role, along with ensuring compliance with security policies and procedures.

Responsibilities

  • Implement and automate cloud-based security controls, governance processes and compliance validation.
  • Support application accreditation with requisite design and documentation.
  • Design, manage, and maintain a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.
  • Implement security scanning and vulnerability management processes.
  • Manage and optimize GitHub repositories and workflows.
  • Collaborate with software development and operations teams to integrate security practices.
  • Troubleshoot and resolve issues related to pipeline automation and security.
  • Ensure compliance with security policies and procedures.

Requirements

  • Bachelor's degree
  • 6-10 years of DevSecOps experience
  • Technical skills, knowledge and experience to accomplish work with minimal oversight
  • Demonstrated ability to effectively communicate verbally and in writing
  • Ability to clearly and concisely express multifaceted concepts
  • Ability to develop ideas in a logical sequence leading to a validated conclusion
  • Knowledge/experience of deployment/configuration management tools like Jenkins, Maven, Puppet, or Ansible
  • Utilize version control tools like GIT, Bitbucket, SVN or CVS
  • Experience with network infrastructure, database, cloud and data center operations, and security protocols
  • Strong knowledge of Linux and Windows OS
  • Familiar with AWS and other cloud services
  • Experience with programming and scripting languages like Python, Perl, Bash, PHP, Java, Angular, SQL, Postgres, C++, or C#
  • Strong knowledge of security scanning tools and practices
  • Excellent problem-solving and troubleshooting skills
  • Strong communication and collaboration abilities.

Nice-to-haves

  • Master's of Science degree
  • Experience with end-to-end components of software tools
  • Experience packaging for Windows Server and Linux distributions including automating software template generation, configuring environments and tools, and packaging for installation
  • Experience designing and deploying frameworks with IT automation tools
  • Experience with security frameworks and Risk Management Framework (RMF) process
  • Experience with DoD Authority to Operate (ATO) processes
  • 8570 IAT II compliant certification such as Security+
  • Certified Information Systems Security Professional (CISSP)
  • Experience with collection management and data flows
  • Relevant certifications (e.g., AWS Certified DevOps Engineer, Certified Kubernetes Administrator)
  • Knowledge of compliance frameworks and security standards.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service