Senior DevSecOps Engineer

Allegis Group - Reston, VA

posted 3 days ago

Full-time - Senior
Reston, VA
10,001+ employees
Administrative and Support Services

About the position

The Senior DevSecOps Engineer will play a critical role in integrating security practices into the software development lifecycle. This position requires collaboration with development, operations, and security teams to design, implement, and maintain CI/CD pipelines that incorporate automated security testing and compliance checks. The engineer will also be responsible for developing infrastructure as code (IaC) templates, conducting security assessments, and managing identity and access management solutions.

Responsibilities

  • Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle.
  • Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks.
  • Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components.
  • Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure.
  • Monitor and analyze system and application logs to detect and respond to security incidents.
  • Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place.
  • Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.
  • Participate in incident response activities, helping to investigate and mitigate security incidents in a timely manner.
  • Contribute to the development and maintenance of security policies, procedures, and documentation.

Requirements

  • Active TS/SCI Clearance with CI poly.
  • At least 10 years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle.
  • Expert experience with DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium, Fortify, Acunetix, and Prisma Cloud).
  • Expert experience building DevSecOps solutions at scale across IL5 to IL6+ classification domains.
  • Expert understanding of AWS and familiarity with other cloud platforms (e.g., Azure, Google Cloud Platform) and securing cloud-based applications and services.
  • Strong experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.
  • Strong experience in scripting languages (e.g., Python, Bash) for automation and tool integration.
  • Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma Cloud.
  • Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST).

Nice-to-haves

  • Familiarity with other cloud platforms like Azure or Google Cloud Platform.

Benefits

  • Medical, dental & vision
  • Critical Illness, Accident, and Hospital
  • 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
  • Life Insurance (Voluntary Life & AD&D for the employee and dependents)
  • Short and long-term disability
  • Health Spending Account (HSA)
  • Transportation benefits
  • Employee Assistance Program
  • Time Off/Leave (PTO, Vacation or Sick Leave)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service