Sr. DevSecOps Engineer




Job Title: Sr. DevSecOps Engineer
Job Location: Washington, DC
Job Type: Fulltime Perm

Clearance Requirement: Must be US citizen, candidates will have an extensive background check for DHS clearance.

Our client is seeking a DevSecOps Engineer to support a data analytics project at a Federal Government client in Washington DC.

  • The DevSecOps Engineer will gather requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
  • Develop, document, and implement CI/CD strategy for management of Infrastructure as Code IaC baseline
  • Develop, document, and implement container management strategy to include management of container security and automated validation of immutable CI pipeline components for compliance with DHS processes.
  • Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service.
  • Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the IaC CI/CD pipeline.
  • Write code, building infrastructure as code, work with immutable “cloud” based environments, and build the supporting automated toolsets to test and deploy the systems they develop.
  • Maintain services (and supporting cloud infrastructure) once they are live by measuring and monitoring availability, latency and overall system health.
  • Establish strategy/toolset/framework for automating testing of services and products, develop best practices for test automation and develop test suites,
  • Design, develop and implement solutions based on a set of standards and processes which establish consistency across the enterprise data, reduce risk, and promote efficiencies in support of the organization’s goals and objectives,

Must Haves:
  • A Bachelor of Science (BS) degree in related field or equivalent work experience can be substituted instead of a degree.
  • A minimum of 8 years of experience in Cyber Security.
  • 4+ years of hands-on experience in implementing/maintaining security in a CI/CD pipeline.
  • Experience in the design and automation of security tools and processes.
  • Writing and managing Ansible playbooks
  • Managing templated deployments with Ansible Tower
  • Managing IaC and cloud workloads deployed with CI tooling
  • Building and managing CI frameworks
  • Enterprise change management and federal compliance processes
  • Experiences with GitLab or comparable VCS

Nice to Have:
  • Experience in the use and management of an OpenStack deployment across multiple data centers
  • Experience with VMware & Satellite
  • Experience working in an Agile environment
  • Experience with NIST / STIG compliance of immutable infrastructure components
  • Experience with PXE-less discovery provisioning to automate hardware / under cloud scalability
  • One of the following certifications: CCSP, CCSK, CSSLP, CISSP, CEH or similar