DevSecOps Engineer

$90,000 - $220,000/Yr

Johns Hopkins - Laurel, MD

posted 7 days ago

Full-time - Entry Level
Laurel, MD
Educational Services

About the position

The DevSecOps Engineer at Johns Hopkins University Applied Physics Laboratory (APL) will be part of the Classified IT Services team, focusing on enhancing IT security capabilities and compliance within a collaborative environment. This role involves analyzing security data, evaluating current systems, and leading efforts to improve security controls and processes, particularly in Network Access Control and compliance with DoD regulations.

Responsibilities

  • Analyze data to improve the security posture of the Collateral Networks and identify operational issues.
  • Evaluate the effectiveness of current security systems and suggest improvements as necessary.
  • Establish a framework to assess and improve current controls and processes to the security system.
  • Lead compliance efforts in Network Access Control (802.1x) and Comply to Connect.
  • Assist with the installation and maintenance of the ESS/Trellix ePolicy Orchestrator (ePO) suite and associated modules according to DoD standards.
  • Analyze logs and monitor authorized and unauthorized removable devices and media on the network.
  • Monitor alerts for specific events associated with VPN Gateways or Firewalls to detect unexpected traffic that may indicate a compromise.
  • Collaborate with audit analysts to monitor policy changes, privileged user activities, and data transfers for continuous policy enforcement.
  • Plan, communicate, and coordinate CND tools administration to support diverse requirements from Security Operations, DoD compliance, and end-users.
  • Support the Vulnerability Management Team to ensure ACAS security architecture and implementation comply with DoD regulations.

Requirements

  • Bachelor's degree in Computer Science, Systems Engineering, Information Systems, or a comparable field, or equivalent professional experience in IT.
  • Experience in performing security systems analysis and monitoring.
  • Experience in administering enterprise security tools including ESS and ACAS.
  • Experience with both Windows and RHEL Operating Systems.
  • Knowledge in assessing security controls based on cybersecurity principles.
  • Expertise in Network Access Control (802.1x).
  • Prior experience maintaining and operating ForeScout CounterAct or similar solutions.
  • Experience implementing Security Technical Implementation Guide (STIGs) for device hardening.
  • Experience in incident response processes and troubleshooting.
  • Self-starter capable of working effectively under minimal guidance.
  • Ability to obtain FCSA Comply to Connect (C2C) within 6 months of hire.
  • Current industry certification aligned to DoD Manual 8570, 01-M for IAT II (e.g., GSEC, Security+, CCNA-Security).
  • Excellent oral and written communication skills, able to present technical information clearly to all levels of management and staff.
  • Active Secret security clearance with the ability to obtain a Top Secret clearance.

Nice-to-haves

  • Comprehensive understanding of Host-based Security Systems and Device Control Solutions.
  • Experience in implementing and maintaining Application Control solutions.
  • Hands-on knowledge and experience in networking, network security, VMware, and enterprise storage.
  • Prior experience utilizing Splunk to create custom queries for anomaly analysis.
  • Current industry certification aligned to DoD Manual 8140, 01-M for CSSP roles (e.g., CEH, GCIH, CISSP).

Benefits

  • Robust education assistance program
  • Unparalleled retirement contributions
  • Healthy work/life balance
  • Comprehensive benefits package including medical, dental, vision, life insurance, short-term and long-term disability, flexible spending accounts, and training and development.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service