The Johns Hopkins University Applied Physics Laboratory - Laurel, MD

posted 2 months ago

Full-time - Mid Level
Laurel, MD
Professional, Scientific, and Technical Services

About the position

The Johns Hopkins University Applied Physics Laboratory (APL) is seeking a DevSecOps Engineer to join our Classified IT Services team. This role is pivotal in enhancing the security capabilities of our IT infrastructure, focusing on compliance and security objectives. As a DevSecOps Engineer, you will be responsible for analyzing data to improve the security posture of the Collateral Networks, identifying operational issues, and evaluating the effectiveness of current security systems. You will also establish a framework to assess and enhance existing controls and processes within the security system. In this collaborative environment, you will lead efforts for compliance in Network Access Control (802.1x) and Comply to Connect, assist with the installation and maintenance of Endpoint Security Solutions (ESS) and Trellix ePolicy Orchestrator (ePO) suite, and analyze logs to monitor authorized and unauthorized devices on the network. Your role will involve monitoring alerts for specific events associated with VPN Gateways or Firewalls, collaborating with audit analysts to ensure continuous policy enforcement, and planning CND tools administration to support diverse requirements from Security Operations and DoD compliance. Additionally, you will support the Vulnerability Management Team to ensure that the ACAS security architecture aligns with DoD regulations and other governing documents. This position offers an opportunity to work with cutting-edge cybersecurity technologies and contribute significantly to the overall security posture of APL's IT infrastructure.

Responsibilities

  • Analyze data to improve the security posture of the Collateral Networks and identify operational issues.
  • Evaluate the effectiveness of current security systems and suggest improvements as necessary.
  • Establish a framework to assess and improve current controls and processes within the security system.
  • Lead compliance efforts in Network Access Control (802.1x) and Comply to Connect.
  • Assist with the installation and maintenance of the ESS/Trellix ePolicy Orchestrator (ePO) suite and associated modules according to DoD-mandated baseline.
  • Analyze logs and monitor authorized and unauthorized removable devices and media on the network.
  • Monitor alerts for specific events associated with VPN Gateways or Firewalls related to unexpected traffic that could indicate a compromise.
  • Collaborate with audit analysts to monitor policy changes, privileged user activities, and data transfers to ensure continuous policy enforcement.
  • Plan, communicate, and coordinate CND tools administration to support requirements from Security Operations, DoD compliance, Cyber Security Services Provider (CSSP), and end-users.
  • Support the Vulnerability Management Team to ensure ACAS security architecture, design, and implementation comply with DoD regulations.

Requirements

  • A Bachelor's degree in Computer Science, Systems Engineering, Information Systems, or a comparable field, or equivalent years of professional work experience in Information Technology (IT).
  • Experience in performing security systems analysis and monitoring.
  • Experience in administering enterprise security tools and capabilities including ESS and ACAS.
  • Experience in both Windows and RHEL Operating Systems.
  • Knowledge in assessing security controls based on cybersecurity principles and tenets.
  • Expertise in Network Access Control (802.1x).
  • Prior experience maintaining and operating ForeScout CounterAct or other Comply-to-Connect solutions.
  • Experience in the implementation of Security Technical Implementation Guides (STIGs) for device hardening.
  • Experience in incident response processes with the ability to troubleshoot issues effectively.
  • Self-starter capable of working effectively under minimal guidance.
  • Ability to obtain FCSA Comply to Connect (C2C) within 6 months of hire.
  • A current industry certification aligned to DoD Manual 8570.01-M for IAT II (e.g., GSEC, Security+, CCNA-Security).
  • Excellent oral and written communication skills, including the ability to articulate and present highly technical information comprehensibly to all levels of management and staff.
  • An active Secret security clearance and the ability to obtain a Top Secret clearance.

Nice-to-haves

  • A comprehensive understanding of Host-based Security Systems, Device Control Solutions, and Security tools implementation.
  • Experience in implementing and maintaining Application Control solutions.
  • Hands-on in-depth knowledge and experience in networking, network security, VMware, Enterprise storage, server, data center services, and other leading-edge products and technologies.
  • Prior experience utilizing Splunk to create custom queries to analyze and respond to anomalies.
  • A current industry certification aligned to DoD Manual 8140, 01-M for CSSP roles (e.g., CEH, GCIH, CISSP).

Benefits

  • Generous benefits including a robust education assistance program.
  • Unparalleled retirement contributions.
  • Healthy work/life balance.