DevSecOps / Site Reliability Engineer

$125,000 - $150,000/Yr

GovCIO - Aberdeen Proving Ground, MD

posted about 2 months ago

Full-time - Mid Level
Aberdeen Proving Ground, MD

About the position

GovCIO is currently hiring for a DevSecOps / Site Reliability Engineer to support the U.S. Army Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center. This role is crucial in providing science and technology solutions within the Army Futures Command Combat Capabilities Development Command (DEVCOM). The successful candidate will work as part of a team to develop technologies that the U.S. Army utilizes across various platforms, from Soldier to ground vehicle, and from Air to Space. The C5ISR Center is dedicated to ensuring that our forces possess the capability to see, sense, communicate, and move faster than their adversaries. This position will be located at Aberdeen Proving Ground, MD, and will require the candidate to work onsite. The Innovation Exchange Lab is looking for an individual to support their daily operations, which include performing daily infrastructure as code updates, deploying applications to Kubernetes, and participating in design and code reviews. The candidate will be responsible for documenting DevSecOps processes, ensuring that the platforms are up to date and properly maintained, and creating solutions to address infrastructure and security requirements. Additionally, the role involves identifying needs for build automation, designing and implementing Continuous Integration/Continuous Delivery (CI/CD) solutions, and maintaining GitLab pipelines. The candidate will also support pushes to Kubernetes, implement tools and technologies, test new systems and applications, and automate key security processes. The role requires the candidate to identify security holes and potential breaches, develop security strategies and controls, mitigate risks and vulnerabilities, and promote cybersecurity awareness. Compliance with relevant standards and regulations is essential, as is monitoring the overall network and security infrastructure. The candidate will consult on DevSecOps requirements from diverse application/line of business partners and create reusable solutions and patterns for CI/CD pipelines. They will also publish and disseminate CI/CD best practices, ensure service uptime and response time SLAs/OLAs are met, and troubleshoot problems in the DevSecOps domain. The position requires active participation in bridge calls with team members and contractors/vendors to address issues promptly and ensure incident tracking tools are updated according to established norms.

Responsibilities

  • Perform daily infrastructure as code updates
  • Deploy applications to Kubernetes
  • Participate in design and code reviews and offer direction to ensure project scoping activities match architectural goals and specifications
  • Document DevSecOps processes and ensure that the DevSecOps platforms are up to date and properly maintained
  • Create, develop, and implement solutions to address infrastructure and security requirements
  • Identify the needs for build automation, designing, and implementing Continuous Integration/Continuous Delivery (CI/CD) solutions; Maintain GitLab pipelines
  • Support pushes to Kubernetes
  • Implement tools and technologies
  • Test new systems and applications
  • Automate key security processes
  • Create solutions for an efficient and secure organization
  • Identify security holes and potential breaches
  • Develop security strategies and controls
  • Mitigate risks and vulnerabilities
  • Promote cybersecurity awareness
  • Comply with relevant standards and regulations
  • Monitor the overall network and security infrastructure
  • Consult on DevSecOps requirements from diverse application/line of business partners
  • Create plug-and-play/reusable solutions and patterns for CICD pipelines
  • Create, develop, and implement automation and system integration for various build platforms
  • Publish and disseminate CICD best practices, patterns, and solutions
  • Ensure that the service's uptime and response time SLAs/OLAs are met or surpassed
  • Build or maintain CICD building blocks and shared libraries proactively for app and development teams to enable quicker build and deployment
  • Design action plans to address CICD platform/tools/solutions' shortcomings and difficulties
  • Actively participate in bridge calls with team members and contractors/vendors to prevent or quickly address problems
  • Troubleshoot, identify, and fix problems in the DevSecOps domain
  • Ensure incident tracking tools are updated in accordance with established norms and processes, gather all essential data and document any discoveries and concerns
  • Identify management concerns and problems, assess them, and offer prompt solutions and/or escalation
  • Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL)
  • Create and publish engineering platforms and solutions

Requirements

  • High School diploma with 6 - 9 years of experience or commensurate experience
  • Secret Clearance required; Interim Secret is acceptable
  • Comprehensive technical expertise in a variety of DevSecOps toolkits, including Dockers, Helm Chart, Artifactory, Jira, Sonarqube, Nexus repository, Kubernetes, Terraform, GitLab /Version Control Software, or comparable technologies
  • Docker/container knowledge
  • Experience deploying BigBang from Platform One or other helm charts with multiple services/workloads deployed programmatically with downtrace charts, and istio mesh integration and external ingress interoperability, such as Application Gateway and nginx private ingress controllers
  • Knowledge of DevOps Automation (TerraForm, GitHub, GitHub Actions)
  • Knowledge of Prisma cloud, SIEM, SOC, Nessus, Crowd strike or similar services
  • Familiarity with API Security, Container Security, AWS Cloud Security and Azure Sentinel/Defender for Cloud
  • Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA Standards and Policies and the associated certification and audit processes
  • Familiarity with Amazon AWS policy, configuration, and security management tools
  • Experience with security automation and machine learning
  • Proven capacity for thinking leadership and a highly creative problem-solver
  • Excellent analytical and interpersonal skills
  • Ability to express technical information clearly at different organizational levels
  • Communication and collaboration skills to work with other professionals to integrate security throughout the SDLC efficiently
  • Familiarity with information security frameworks, standards, and concepts of integrity, confidentiality, and availability
  • Strong understanding of the entire Software Development Lifecycle
  • Knowledge of best security practices and principles
  • 8570.01-M Certifications: Security+ (or equivalent)

Nice-to-haves

  • Preferred experience with Ansible and/or Jenkins is desired

Benefits

  • Competitive salary
  • Health insurance
  • Retirement plan options
  • Paid time off
  • Professional development opportunities
  • Flexible work environment

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service